Discuz classic function annotation authcode, a must-read for enthusiasts

The most classic function among the Discuz functions is the authcode function, because supesite, UCenterHome, UCenter, and Discuz X all use this function to encrypt transmission strings and cookies

Today I will bring you a detailed explanation of authcode. If the writing is not good, please give me a try. If you like it, you can learn from it!

• /*
• *
• * Function: Encrypt and decrypt a string through a fixed key. The encrypted string is random
• * Parameter analysis: $string is the encrypted string. $operation is the operation type ('ENCODE' is encryption, 'DECODE' is decryption operation), $key is the key used for encryption, $expiry is the expiration time
• * Usage example: authcode('123', 'ENCODE', 'jordan', 0); Use the string 'jordan' to encrypt the string '123'
• *
• * */
• function authcode($string, $operation = 'DECODE', $key = '', $ ExpiRY = 0) {
• // keyc length, you need to use it to generate a password book with the key to $ cKEY_LENGTH = 4; $key = md5($key ? $key : $GLOBALS['discuz_auth_key']); , 0, 16));
•                                                                                  // keyb is the second md5 of the above md5 (16 digits after the key), verification string
•                 $keyb = md5(substr($key, 16, 16)); /Take the length of the keyc
• // is decrypted, and the keyc intercepts the password string. Note: Keyc is passed over, unchanged
• // Note: keyc is random
• $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : '';
•                                                                 using keya to splice md5 and then splicing keya and keyc, used for encryption or decryption                                                                                                    $cryptkey = $$keya.md5($keya.$keyc); /$ CryptKey is 16+32 = 48
• $ key_length = Strlen ($ Cryptkey); Because it is spliced ​​at the front during encryption, and base64 is decoded
•                                                                                                                                                                            // If encrypted, concatenate the timestamp with the expiration seconds, format it into a ten-digit string, concatenate it with 16 digits of the verification string, and then concatenate the original string
•          $string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string) .$keyb), 0, 16).$string;
•               //Get the length of the processed string
•                                                                                                                                                                              . /fill box array(0, 1, 2, 3, ...omitted... , 255);
•                       $box = range(0, 255); String
•           $rndkey = array();
•                                                                     using   with using           through using   through   through using   through out through out out through out out through out out through out out out out out out out ’'s'  ’s’’ back‐‐to‐‐‐‐‐‐‐ string to
• to } 续 // Continue to disrupt the generating password book
• ($ j = $ i = 0; $ i & lt; 256; $ i ++) {
• $ j = ($ j + $ box [$ i] + $ rndkey [ $i]) % 256;
•                                                                      
•                                                                                                                                                                                                                           to ‐ to be to have the secret to be random
•                      256;
•                                                                                                              $box[ $j] = $tmp;
•                                                                                                                                                                                                              $box[$j]) % 256]); Consistent
•                                                                                                                                                                                                        md5 (Substr ($ Result, 26). $ Keyb), 0, 16)) {
• // Verification Pass, return the original string
• Return Substr ($ Result, 26);
• } else {
• //
•                                                                                                                                                                                             return //Encryption completed
•                                                                                                                           return $keyc.str_replace('=', '', base64_encode($result) );
•          }
• ｝
• cookies
•