The facts :
As you may know, some tools like firebug helps you tracing incoming and outcoming data between flash and scripts, even if you use POST data.
See below how firebug can trace all variables sent through the POST data :
firebug tracing
So i tried to figure out how to implement a crypted system to secure (a little bit more) these data, with an encryption key if possible.
I found the useful project on the web : as3crypto project
Thanks to this class, you can crypt/decrypt in flash but as far as i looked the sources, there was no information about crypt/decrypt on php side.
But i found another message in a forum where a php code was given, so i mixed both to provide you a simple way to set both sides.
In my example, flash send some data to php using crypted message and PHP answer another crypted message (+ the original decrypted flash message for verification):
-
Using the php class : cryptlib.php
- create an instance of the class, and call the init with the crypted key as parameter
- decrypt the sent message (using POST object)
include_once "lib/cryptlib.php";
// init a new instance of Crypto Class
$crypto = new Crypt;
// init with the encryption key
$result = $crypto->init("PASSWORD");
// get the POST data
$messagefromflash = $_POST ["message"];
// decrypt data
$decrypted_messagefromflash = $crypto->decrypt(utf8_decode($messagefromflash));
but you can also send back crypted data to flash using the "encrypt" method
// return a crypted result to flash $resultmsg = "Ok, i received your data, everything is fine !"; echo "result=".$crypto->encrypt(utf8_encode($resultmsg));
-
Using the as3 class : CryptoCode.as
- in your main class, create an instance of the CryptoCode class that will crypt/decrypt your data.
- call the init method with the same key as PHP (just like PHP code)
- then call "encrypt(s:String)" or ""decrypt(s:String)" methods through your crypto instance
// instance of crypto class
private var _crypto : CryptoCode;
public var myLoader : URLLoader;
// create instance with encryption key
_crypto = new CryptoCode("PASSWORD");
// send crypted string to php script
var variables : URLVariables = new URLVariables();
variables.message = _crypto.encrypt(tosend_in.text);
// create request with POST method
var request : URLRequest = new URLRequest("http://www.lecrabe.net/wordpress/demo/crypt/scripts/testcrypto.php");
request.method = URLRequestMethod.POST;
request.data = variables;
// send request
myLoader.load(request);
If you want to get the whole example, please download the sources.
Enjoy.
décembre 16th, 2009 at 15 h 03 min
What a nice syntax highlighter
décembre 18th, 2009 at 4 h 05 min
You’re the king of the world, already notice this problem but never try to look for a solution. Anyway nice post.
mars 14th, 2010 at 14 h 43 min
Hi,
is there any example that works in AS 2.0 also?
Thx,
ukw
mars 14th, 2010 at 16 h 33 min
I guess there would be a way to port the code into AS2, but good luck to you, there are a bunch of class to port..
But why not taking advantage of AS3 power ?
août 19th, 2010 at 22 h 36 min
Hello,
Cool solution, it works good but i have only one problem :
if I put an underscore into the string to encrypt, the decrypted string will not be the same…
Have you experienced this issue ??
Thanks.
Leks
août 22nd, 2010 at 14 h 10 min
Hello,
No i did not have any problems with any character.
I opened the article example, put some underscore, and decoded string is ok for me.
regards.
Arthy