前端 使用key iv 使用aes加密後字串傳給後臺 （可拼接時間戳加密）

        function js_encrypt(text){
            var key = CryptoJS.enc.Latin1.parse('1E390CMD585LLS4S'); //為了避免補位，直接用16位的祕鑰
            var iv = CryptoJS.enc.Latin1.parse('1104432290129056'); //16位初始向量（請記住這兩個都要保證是16位）
            var encrypted = CryptoJS.AES.encrypt(text, key, {
                iv: iv,
                mode:CryptoJS.mode.CBC,
                padding:CryptoJS.pad.ZeroPadding
            });
            
 
return encrypted;
        }

需引入js 檔案下載 https://www.mdaima.com/upload_file/file/2019/07/04/1562201519633156.rar

後臺 解密

        $password = input('password');
        $password_dec=iconv('utf-8','gbk',js_decrypt_openssl($password));
        $timesm=substr($password_dec,-10);
        $password = str_replace($timesm
 
,'',$password_dec);
        if(time() > $timesm + 10){
               $errcode = 10006;
            return json(['errcode'=>$errcode,'errmsg'=>errcode::getErrMsg($errcode)]); 
        }


function js_decrypt_openssl($encrypt){
    $key = "****"; //與JS端的KEY一致
    $iv = "****"; //這個也是要與JS中的IV一致
    $decrypted
 
 = openssl_decrypt($encrypt, 'AES-128-CBC', $key, 2 , $iv);
    $decrypted = trim(trim($decrypted, "\0000"),'');//這個一定要有，要不然在你不用瀏覽器檢視原始碼的情況下是很難發現，還有一些亂碼存在的
    return $decrypted;
}