PHP :: Bug #19697 :: mcrypt and cookies

Bug #19697	mcrypt and cookies
Submitted:	2002-10-01 14:58 UTC	Modified:	2002-10-02 13:32 UTC
From:	avillarm at terra dot es	Assigned:
Status:	Not a bug	Package:	mcrypt related
PHP Version:	4.2.2	OS:	Linux
Private report:	No	CVE-ID:	None

View Developer Edit

Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.

Password:

Status:
Package:
Bug Type:
Summary:
From:	avillarm at terra dot es
New email:
PHP Version:		OS:

New Comment:

[2002-10-01 14:58 UTC] avillarm at terra dot es

I use the rijndael-256 encryption.

I think that there is a bug with this time of encryption or the cookies. Yesterday I got an error when I saved the IV to a cookie. The correct value should be "????|??'ds?A??懲?5؃A???qYbI;?" but when I save the IV value to a cookie and then display it, I shows "????|??\'ds?A??懲?5؃A???qYbI;?". That are 33 chars, not 32. Why that "\"?

I don't know if this a PHP problem, a mcrypt problem, a rijndael-256 encryption bug, or a limitation of the cookies.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2002-10-01 15:00 UTC] avillarm at terra dot es

I use the rijndael-256 encryption.

I think that there is a bug with this type of encryption or the cookies.
Yesterday I got an error when I saved the IV to a cookie. The correct
value should be "????|??'ds?A??懲?5؃A???qYbI;?" but when I save the
IV value to a cookie and then display it, I shows
"????|??\'ds?A??懲?5؃A???qYbI;?". That are 33 chars, not 32. Why that
"\"?

I don't know if this a PHP problem, a mcrypt problem, a rijndael-256
encryption bug, or a limitation of the cookies.

[2002-10-01 15:01 UTC] derick@php.net

Sorry, but the bug system is not the appropriate forum for asking
support questions. Your problem does not imply a bug in PHP itself.
For a list of more appropriate places to ask for help using PHP,
please visit http://www.php.net/support.php

Thank you for your interest in PHP.

You shouldn't store binary data into cookies, use base64_encode() or similiar. Also, that slash was most likely added because you have something like magic_quotes set to on in php.ini

[2002-10-01 15:01 UTC] avillarm at terra dot es

Sorry, the only change in the bug report was: "type=time".

[2002-10-01 15:04 UTC] avillarm at terra dot es

Ok, thanks.

[2002-10-01 15:05 UTC] iliaa@php.net

Sorry, but the bug system is not the appropriate forum for asking
support questions. Your problem does not imply a bug in PHP itself.
For a list of more appropriate places to ask for help using PHP,
please visit http://www.php.net/support.php

Thank you for your interest in PHP.

cookies are not binary safe. Use base64_encode() function to encode them if you wish to prevent data corruption.

[2002-10-02 13:10 UTC] avillarm at terra dot es

Ok, used the base64_encode and it works :)

[2002-10-02 13:32 UTC] sander@php.net

User error -> bogus

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Sat Dec 21 17:01:58 2024 UTC