Home » Generate secure URL token in PHP with a simple class

Generate secure URL token in PHP with a simple class

I often have to look back at previous projects that I’ve done to generate a quick token that is URL friendly so I can issue out email links with some encrypted data in them. There are plenty of crypto nerds out there that will get super crazy with their techniques and I totally support them. This one is just a simple class that’s not supposed to be NSA proof, but still allows you to simply encrypt and decrypt a string based on a pass phrase you provide.

Start by pasting this into a file like “cipher.php” or something and including it:

Then you can use it as follows:

That’s basically the entire idea. You’ll obviously want to pass your own secure pass phrase into the class in the constructor. Cheers!

8 comments on “Generate secure URL token in PHP with a simple class

  1. Bhavik on

    Its not working in decoding

    This is the output of
    Encrypted string: ABrzPKyvgtqj83bA%2FZyHOSHltBSxv98q8pAtef922lg%3D

    This is the out of

    Decrypted string: ���k�¦6���cVκ� �CH^��v�.x��Z�� ��}�g�W�-D�P����`��m\4�

    what is the problem?

  2. tai day on

    obviously like your web-site but you need to check the spelling on quite
    a few of your posts. Many of them are rife with spelling issues and I find it very troublesome to inform the truth then again I
    will certainly come again again.

    • Jeff Hays on

      I’m unable to find any spelling errors on the site – do you have a link to a page/post on this site that has a spelling error? Perhaps it’s your browser translating the site for you? Your comment seems to contain more spelling errors than the site :-\

  3. Ricky on

    Your decode is adding \0 bytes and I noticed the urldecode in the wrong place. Here’s how I fixed it.

    You will need that if you want to json_encode and then json_decode the decrypted results.

    • Jeff Hays on

      This tutorial is specifically for the use of encrypting/decrypting URL tokens. The code works as expected to encrypt and decrypt an encrypted string passed through a URL, but I’m glad you were able to tailor it to your specific needs.


Leave a Reply

Your email address will not be published. Required fields are marked *