I want to transmit a token as URL-Parameter.
- Is it safe to just encrypt the token like in Version 1?
-
Or needs the token to be encoded like in Version 2 because of unsafe characters?
$token = Mage::helper('core')->encrypt('123'); //1) encrypted token $url = Mage::getUrl('product/index/link', array('key' => $token)); //2) url encoded token $encoded = Mage::helper('core')->urlEncode($token); $url = Mage::getUrl('product/index/link', array('key' => $encoded));
Best Answer
Since the
encrypt
-function may produce unsafe characters like=
or+
only the second method with base 64 encoding will be safe.Use this twoliner: