On Thu, Dec 1, 2011 at 1:14 AM, Rick Dwyer <rpdwyer@xxxxxxxxxxxxx> wrote: > On Nov 30, 2011, at 5:13 PM, Matijn Woudt wrote: >>> >> >> Your decrypt function seems fine, and the encrypt/decrypt functions >> work fine both in the same file for me. Now you say you use >> $_GET["myval"], which means you get them from URL. Base64 is not URL >> safe, have you used urlencode()? >> >> Matijn >> > > > OK, the problem appears to be that my string encoded contains a + symbol: > > Sw+ht0agaQRBpFlfHSucpYZ.... > > So I rawurlencode it and if I echo it out, it appears correctly on the page > as: > > Sw%2Bht0agaQRBpFlfHSucpYZ .... > > BUT... when I pass this encrypted value off to PayPal (I'm integrating with > them), encoded, when they return me to my site, instead of passing me my > value as above, they are somehow decoding back to the original: > > Sw+ht0agaQRBpFlfHSucpYZ.... > > As I can see it in the URL. The + symbol is then interpretted as a space > instead of + symbol and a result, my decrypt function fails. > > So I send off the encrypted value encoded to PayPal but when they go to > redirect back to my site after payment has been made, instead of the url > with Sw%2Bht0agaQRBpFlfHSucpYZ .... in it, they are decoding it so my url > contains Sw+ht0agaQRBpFlfHSucpYZ.... which causes me problems. > > Is there alternative encrypting scheme that will not need url encoding (so I > can be sure the passed url back from PayPal is ok as is)? > > --Rick It seems normal to me that it is decoded, I think that's how it's supposed to work. How about urlencoding it twice? That might just work. Other possibility is to send it as a string of hex characters using hex2bin or something like that. Matijn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
