#19697 [Opn->Bgs]: mcrypt and cookies

Tue, 01 Oct 2002 12:32:38 -0700 

 ID:               19697
 Updated by:       [EMAIL PROTECTED]
 Reported By:      [EMAIL PROTECTED]
-Status:           Open
+Status:           Bogus
 Bug Type:         mcrypt related
 Operating System: Linux
 PHP Version:      4.2.2
 New Comment:

Sorry, but the bug system is not the appropriate forum for asking
support questions. Your problem does not imply a bug in PHP itself.
For a list of more appropriate places to ask for help using PHP,
please visit http://www.php.net/support.php

Thank you for your interest in PHP.

cookies are not binary safe. Use base64_encode() function to encode
them if you wish to prevent data corruption.


Previous Comments:
------------------------------------------------------------------------

[2002-10-01 15:04:22] [EMAIL PROTECTED]

Ok, thanks.

------------------------------------------------------------------------

[2002-10-01 15:01:59] [EMAIL PROTECTED]

Sorry, the only change in the bug report was: "type=time".

------------------------------------------------------------------------

[2002-10-01 15:01:11] [EMAIL PROTECTED]

Sorry, but the bug system is not the appropriate forum for asking
support questions. Your problem does not imply a bug in PHP itself.
For a list of more appropriate places to ask for help using PHP,
please visit http://www.php.net/support.php

Thank you for your interest in PHP.

You shouldn't store binary data into cookies, use base64_encode() or
similiar. Also, that slash was most likely added because you have
something like magic_quotes set to on in php.ini

------------------------------------------------------------------------

[2002-10-01 15:00:52] [EMAIL PROTECTED]

I use the rijndael-256 encryption.

I think that there is a bug with this type of encryption or the
cookies.
Yesterday I got an error when I saved the IV to a cookie. The correct
value should be "���|��'ds�A��懲�5؃A���qYbI;�" but when I save the
IV value to a cookie and then display it, I shows
"���|��\'ds�A��懲�5؃A���qYbI;�". That are 33 chars, not 32. Why
that
"\"?

I don't know if this a PHP problem, a mcrypt problem, a rijndael-256
encryption bug, or a limitation of the cookies.

------------------------------------------------------------------------

[2002-10-01 14:58:23] [EMAIL PROTECTED]

I use the rijndael-256 encryption.

I think that there is a bug with this time of encryption or the
cookies. Yesterday I got an error when I saved the IV to a cookie. The
correct value should be "���|��'ds�A��懲�5؃A���qYbI;�" but when I
save the IV value to a cookie and then display it, I shows
"���|��\'ds�A��懲�5؃A���qYbI;�". That are 33 chars, not 32. Why
that "\"?

I don't know if this a PHP problem, a mcrypt problem, a rijndael-256
encryption bug, or a limitation of the cookies.

------------------------------------------------------------------------


-- 
Edit this bug report at http://bugs.php.net/?id=19697&edit=1

Reply via email to