有一种防弹的方法可以检测php字符串中的base64编码吗?

I am currently working on a Website where I have mixed values stored in my db and I'd like to find a solution to detect a string for base64 encryption or not. I've come up with this piece of code so far with help from Abhinav bhardwaj on this post (Detect base64 encoding in PHP?):

我目前正在一个网站上工作，我的db中存储了混合值，我想找到一个解决方案来检测base64加密的字符串。到目前为止，在Abhinav bhardwaj的帮助下，我已经完成了这段代码(在PHP中检测base64编码?)

function IsBase64($s)
{
    // Check if there are valid base64 characters
    if (!preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $s)) return false;
    // Decode the string in strict mode and check the results
    $decoded = base64_decode($s, true);
    if(false === $decoded) return false;
    // if string returned contains not printable chars
    if (0 < preg_match('/((?![[:graph:]])(?!\s)(?!\p{L}))./', $decoded, $matched)) return false;
    // Encode the string again
    if(base64_encode($decoded) != $s) return false;
    return true;
}

It only works halfway for example values like 1234, 7000, reno and other 4-lettered and digited inputs resolve as true even if they are not... Now my question: Is there any reliable way of doing the base64 detection or do i have to keep a list of unencoded and encoded tables and treat them different?

它只在示例值(如1234、7000、reno和其他4字母和数字输入)中工作了一半，即使它们不是……现在我的问题是:有什么可靠的方法来进行base64检测吗?还是我必须保留一个未编码和编码的表列表，并对它们进行不同的处理?

My Plan would have been to merge the data (which some of it needs decryption and some doesn't) together in the end to one php result object and return it as a JSON text.

我的计划是将数据(其中一些需要解密，有些不需要)合并到一个php结果对象中，并将其作为JSON文本返回。

Any help on this is much appreciated!

对此有任何帮助，不胜感激!

Thank you in advanced!

谢谢你在发达!

EDIT : After Yoshi's Answering i want to pin my conclusion on the top for others that are looking for a easy solution to encode/decode specific data:

编辑:在Yoshi回答之后，我想把我的结论写在上面，给那些正在寻找一种简单的编码/解码特定数据的解决方案的人:

I think the best way would rather be, to keep the encoded data under a specific key in the db and look out in the query dataset result if this specific key is contained to keep track of the content that needs to be decrypted...

我认为最好的办法是，将编码的数据保存在db中的一个特定键下，并在查询数据集结果中查找，如果包含这个特定键来跟踪需要解密的内容……

FYI: I have updated my Website to this behaviour and i have to admit it works like a charm!

我已经更新了我的网站以适应这种行为，我必须承认它很有魅力!

2 个解决方案

#1

base64 encoded string is basically (A-Z), (a-z), (0-9) padded with = to mod 4.So, any combination of letters in multiples of 4 is valid to be base64.

base64编码的字符串基本上是(A-Z)、(A-Z)、(0-9)和= to mod 4。所以，任何以4为倍数的字母组合都可以是base64。

function IsBase64($str) {
    if (strlen($str) % 4 == 0) {
        return true;
    } else {
        return false;
    }
}

2 个解决方案

#1

更多相关文章

随机推荐