This tag was written to deal with "scraping" attacks where bots keep requesting the same page with incremental id parameters, corresponding to mysql id columns. Rather than introducing a new column with a unique id, this tag will "intelligently" blowfish encrypt or decrypt existing id values.
Click the "Download" button below to retrieve a copy of this tag,
including the complete documentation and sample usage shown
on this page. Place the downloaded ".inc" file in your
LassoStartup folder, restart Lasso, and you can begin using this
tag immediately.
[
define_tag:'IDcrypt',
-description='Encrypts or Decrypts integer values',
-required='value',
-optional='seed';
// if id values need to be retrieved from bookmarked urls, the tag's built-in seed value must be used,
// or the seed value used must be guaranteed to be the same as when the value was encrypted!
local('cryptvalue' = string);
!local_defined('seed') ? local('seed' = '12s34Xz33');
Local('RandChars' = 'AaBbCcDdEeFfGgHhiJjKkLmNnoPpQqRrSsTtUuVvWwXxYyZz');
Local('anyChar' = (#RandChars -> (Get:(Math_Random: -Min=1, -Max=(#RandChars->Size)))));
// taken from Bil Corry's [lp_string_getNumeric]
local('numericValue' = (string_findregexp((string: #value), -find='\\d')->(join:'')));
if(
(#numericValue == (integer(#value)))
&&
(((string(#value))->length) == ((string(#numericValue)) -> length))
);
// alpha character is inserted at beginning of encrypted string in case value needs to be
// cast to a javascript variable, which cannot start with a number
#cryptvalue = (#anyChar + (Encrypt_Blowfish(#value, -seed=#seed)));
else(
((((string(#value))->length) - 1) % 2 == 0)
&&
(((string(#value))->length) > 16)
);
#cryptvalue = (decrypt_blowfish((String_Remove: #value, -StartPosition=1, -EndPosition=1),-Seed=#seed));
else;
#cryptvalue = 0;
/if;
if(String_IsAlphaNumeric(#cryptvalue));
return(#cryptvalue);
else;
// successfully decrypted values resulting in lots of strange characters are probably
// the result of someone guessing a value
return(0);
/if;
/define_tag;
]
