Jump to content
bellini13

[addons validation] The use of function base64_encode() is forbidden

Recommended Posts

Can you please provide an explanation as to why base64_encode function is forbidden?  What function should be used instead?

Share this post


Link to post
Share on other sites

Hey,

 

It's a matter of security. We're had really bad contributions hidden behind a base64 before and we don't want this kind of encoded module to be validated automatically. 

 

What function should be used instead?

 

It depends on what you're developing.

Share this post


Link to post
Share on other sites

In my situation, I base64 encode a string so the string can be appended to the end of a URL.  Using URL encoding is not desirable here, since I am looking to mask the string from a standard end user, and it also drastically shortens the string value, bypassing GET length limitations.  

 

The string is then base64_decoded within the template and displayed to the end user when the page is rendered.

 

Usually Prestashop will have a Tools function that they want you to use instead, but in this case no alternative is provided.

Share this post


Link to post
Share on other sites

In my case, I removed the usage of base64 and took an alternatively route for displaying the message.

Share this post


Link to post
Share on other sites

Of course, but that's now your initial question. Your initial question was why this function is forbidden, and the most important, what alternative exists?

You can change it because it was your personal development. But, what to do when you receive a base64 encoded string from a third party and you must decoded?? Is there any alternative solution that Prestashop accept??

 

Regards

Share this post


Link to post
Share on other sites

Thanks for your advice. I'm not using it for encryption. Is a third party system requirement. I will write a note when I submit my module to Addons.

 

Regards

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More