At the moment, I have a field within my Laravel project that requires some form of encryption, so I use the available encryption through Laravel, and decrypt using the following in my blade:
{{\Crypt::decryptString($e->SCEIN)}}
But I was curious if there was a way for me to be able to show only the last 8 characters of this field after it has been decrypted. I can't seem to find much mention of it though I do know using substr would technically get me there, I am not sure how to use it on an encrypted field.
You can wrap the whole decrypt string inside the substr function and setting -8 in the second param will give you the last 8 characters.
{{ substr( \Crypt::decryptString($e->SCEIN), -8 ) }}
Related
I observed a very strange behavior with Laravel's Hash Facade using Hash::make() to create a digest (with bcrypt) and save it to the database. For example, the plain text
AAMkAGEzN2EyZTg4LWRiNTUtNGIwYS04ZTA1LWE2Y2U5OTRjYjQ0ZgBGAAAAAACxCzc14g3eSoadAxaGpB3ABwCr5qkyxHH4QY9vHKr6u5IrAAAAAAENAACr5qkyxHH4QY9vHKr6u5IrAARi2BmGAAA=
yields $2y$10$fq6jvoNL/RShVKfNDy64EOGW0gLzd0GvfS.di16Z9LcCK7DpIHONK.
Now, when using Hash::check() with the plain text and digest mentioned above returns true of course. However, changing one character in the plain text (e.g. replacing the last A with a B) and checking it against the same digest returns true as well:
>>> Hash::check('AAMkAGEzN2EyZTg4LWRiNTUtNGIwYS04ZTA1LWE2Y2U5OTRjYjQ0ZgBGAAAAAACxCzc14g3eSoadAxaGpB3ABwCr5qkyxHH4QY9vHKr6u5IrAAAAAAENAACr5qkyxHH4QY9vHKr6u5IrAARi2BmGAAA=', '$2y$10$fq6jvoNL/RShVKfNDy64EOGW0gLzd0GvfS.di16Z9LcCK7DpIHONK')
=> true
>>> Hash::check('AAMkAGEzN2EyZTg4LWRiNTUtNGIwYS04ZTA1LWE2Y2U5OTRjYjQ0ZgBGAAAAAACxCzc14g3eSoadAxaGpB3ABwCr5qkyxHH4QY9vHKr6u5IrAAAAAAENAACr5qkyxHH4QY9vHKr6u5IrAARi2BmGAAB=', '$2y$10$fq6jvoNL/RShVKfNDy64EOGW0gLzd0GvfS.di16Z9LcCK7DpIHONK')
=> true
>>> Hash::check('AAMkAGEzN2EyZTg4LWRiNTUtNGIwYS04ZTA1LWE2Y2U5OTRjYjQ0ZgBGAAAAAACxCzc14g3eSoadAxaGpB3ABwCr5qkyxHH4QY9vHKr6u5IrAAAAAAENAACr5qkyxHH4QY9vHKr6u5IrAARi2BmGAAC=', '$2y$10$fq6jvoNL/RShVKfNDy64EOGW0gLzd0GvfS.di16Z9LcCK7DpIHONK')
=> true
Based on my understanding what hashing does this shouldn't be possible, but it doesn't seem to be a collision as replacing B by C also yields true.
I'm using Laravel 8.0 with PHP 7.4.11.
Any idea what I'm doing wrong here?
UPDATE:
Found this hint in the official PHP documentation for password_hash:
Caution: Using the PASSWORD_BCRYPT as the algorithm, will result in the password parameter being truncated to a maximum length of 72 characters.
I then checked this and indeed, modifying any of the characters behind AAMkAGEzN2EyZTg4LWRiNTUtNGIwYS04ZTA1LWE2Y2U5OTRjYjQ0ZgBGAAAAAACxCzc14g3e doesn't change the result whereas exchanging e.g. the last e with f returns false for Hash::check(). The length of the string is 72 characters so it may be an effect of the truncation. But why? This isn't mentioned in the Laravel Hash documentation. I have several passwords that are longer than 72 characters so it actually doesn't matter how they end?
As a result, I need to use another function of Laravel to hash longer messages? Which one?
I did some research and came to this conclusion:
In the official laravel docs they refer to php's official docs. Here they have a caution section at password saying:
Using the PASSWORD_BCRYPT as the algorithm, will result in the password parameter being truncated to a maximum length of 72 characters.
I checked your string, and it has a length of 152. So in your case, you should use a different algorithm(you can set this in config/hashing.php at driver) or make sure the input string is max 72 characters.
I'm trying to use regular expression extractor concept in Jmeter. By using regEx concept I'm able to get the required token id's. And for all I'm using regEx as (.*?). So this is working fine when we have constant prefix and suffix text/values.
But in this case, there is no suffix,
Ex: Key is = #bluerelay.com/a43a816dcdd14873bd5757b3a3709d5c,
ClickHereForImageForm
I want to take the key ID into a variable with using RegEx. I have tried to get it with (.*?) but it didn't work, it returns the full value, not the required part. It'd be excellent if you could give any suggestion.
The source value is:
https://navitus-internal-app.bluerelay.com/#/token/systemadministrator#bluerelay.com/a43a816dcdd14873bd5757b3a3709d5c
The expected result is to extract a43a816dcdd14873bd5757b3a3709d5c from the above URL and put it into a variable.
You can use regex to get last text after / sign
(.*)\/(\w+)
See demo
I'm making English-Spanish website so depending the language I have to give the user different strings. To do it I'm using Laravel's trans() function.
The problem is that in Blade the trans() outputs html entity encoded characters.
So for example when I put {{ trans('messages.title') }} which points to the string
'title' => 'Título' in the lang file, instead of Título I have Título.
But if I just have the string (or character) put directly in the file it is shown normally.
Is this normal in Laravel 5.2 that trans() function outputs htmlentity encoded string instead of normal UTF8 character?
If not any idea what I'm doing wrong?
If yes is it possible to output normal characters instead?
I have found out that when I use #lang() instead of {{ trans() }} it gives me the character.
So it looks like this is how it works.
But if there is anybody who knows and can confirm that this behavior is intentional and correct, that would be great.
How would I go about counting the characters after a certain character. I'm new to Oracle, and I've learned quite a bit however I'm stumped at this point. I found a couple functions that will get you a substring and I found a function that will give you the length of a string. I am examining an email address, myemail#thedomain.com. I want to check the length after the '.' in the email.
SELECT email
FROM user_table
WHERE length(substr(email, /*what values*/, /*to put here*/))
I don't know if it's actually possible to find the location of the final '.' in the email string?
I'm not sure I would use substr. You can try something like this :
select length('abcd#efgh.123.4567') - instr('abcd#efgh.123.4567', '.', -1) from dual
Using instr(..,..,-1) searches backwards from the last character to find the position.
Since you're doing checks, I suggest you validate the format with regular expressions using REGEXP_INSTR. For instance, an email validation I found on this site is REGEXP_INSTR(email, '\w+#\w+(\.\w+)+') > 0
I didn't check it myself, but it looks quite ok.
Cheers.
Im making a url pass in this date format at the very end of the string
2011-11-02T13:59:26.13Z
I can do this
a.sub!(/\..*/,'')
to knock off the .(digit)(digit)Z and work with the time in my controller.
if i put the time in regular format in my url, it works fine. If i put in the specified format above, i get a blank page. If i add the constraint i made (works fine with chopping the end off in the console, I get an routing (no route matches [GET] ...). What should I do to allow to pass in the date format i need (Im using rails 3 if thats important)
The colon is a reseved character and cannot be used within a URL. See RFC 2366 section 2.2
Also, the . (dot) is used to designate a format type in rails, so when this is passed into the router it will try to render a layout for the '13Z' format.
You should encode that time in another format that does not require these characters.
E.g.
20111102135926
Because each field is fixed width it is still easy to parse with a regex.
You could also atime which can be parsed directly in Ruby.