How to encrypt query strings in Classic ASP (VBScript) and JavaScript

Sending variables via URLs can be very dangerous if some sensitive data needs to be transferred between your pages. You may want to encrypt your variables and their values. By using these simple encode/decode algorithms, you can hide your content from curious eyes.

You can use either of the scripting languages (VBScript or JavaScript).

VBScript

Decode:

' USE: sField = Decode(request.querystring(encode("sParm")))

Function Decode(sIn)
    Dim x, y, abfrom, abto
    Decode = "" : abfrom = ""
    For x = 0 To 25 : abfrom = abfrom & Chr(65 + x) : Next
    For x = 0 To 25 : abfrom = abfrom & Chr(97 + x) : Next
    For x = 0 To 9 : abfrom = abfrom & CStr(x) : Next
    abto = Mid(abfrom, 14, Len(abfrom) - 13) & Left(abfrom, 13)
    For x = 1 To Len(sIn) : y = InStr(abto, Mid(sIn, x, 1))
        If y = 0 Then
            Decode = Decode & Mid(sIn, x, 1)
        Else
            Decode = Decode & Mid(abfrom, y, 1)
        End If
    Next
End Function

Encode:

' USE: location.href="nextpage.asp?" & encode("sParm=" & sData)

Function Encode(sIn)
    Response.Write "sIn: " & sIn
    Dim x, y, abfrom, abto
    Encode = "" : abfrom = ""
    For x = 0 To 25 : abfrom = abfrom & Chr(65 + x) : Next
    Response.Write "ABFrom 1: " & abfrom
    For x = 0 To 25 : abfrom = abfrom & Chr(97 + x) : Next
    Response.Write "ABFrom 2: " & abfrom
    For x = 0 To 9 : abfrom = abfrom & CStr(x) : Next
    Response.Write "ABFrom 3: " & abfrom
    abto = Mid(abfrom, 14, Len(abfrom) - 13) & Left(abfrom, 13)
    Response.Write "abto: " & abto
    For x = 1 To Len(sIn) : y = InStr(abfrom, Mid(sIn, x, 1))
        Response.Write "y: " & y
    If y = 0 Then
            Encode = Encode & Mid(sIn, x, 1)
        Else
            Encode = Encode & Mid(abto, y, 1)
        End If
    Next
    Response.Write "Encode: " & Encode
End Function

Example:

Response.Redirect ("targetPage.aspx?" & encode("productID=" & ArrID))
var productID= Decode(querystring(Encode('productID')));

JavaScript

Decode:

function Decode(sIn) {
    var x, y, abto;
    var Decode = ""; var ABFrom = "";
    for (var x = 0; x <= 25; x++) { ABFrom = ABFrom + String.fromCharCode(65 + x); }
    for (var x = 0; x <= 25; x++) { ABFrom = ABFrom + String.fromCharCode(97 + x); }
    for (var x = 0; x <= 9; x++) { ABFrom = ABFrom + x.toString(); }
    abto = ABFrom.toString().substring(13, ABFrom.length) + ABFrom.toString().substring(0, 13);
    for (x = 0; x < sIn.length; x++) {
        if (sIn.substring(x, x + 1) == "/") { Decode = Decode + "/"; }
        else {
            y = abto.toString().indexOf(sIn.substring(x, x + 1));
            if (y < 0) { Decode = Decode + sIn.substring(x, x + 1); }
            else { Decode = Decode + ABFrom.substring(y, y + 1); }
        }
    }
    return Decode;
}

Encode:

function Encode(sIn) {
    var x, y, abto;
    var Encode = ""; var ABFrom = "";
    for (var x = 0; x <= 25; x++) { ABFrom = ABFrom + String.fromCharCode(65 + x); }
    for (var x = 0; x <= 25; x++) { ABFrom = ABFrom + String.fromCharCode(97 + x); }
    for (var x = 0; x <= 9; x++) { ABFrom = ABFrom + x.toString(); }
    abto = ABFrom.toString().substring(13, ABFrom.length) + ABFrom.toString().substring(0, 13);
    for (x = 0; x < sIn.length; x++) {
        y = ABFrom.toString().indexOf(sIn.substring(x, x + 1));
        if (y < 0) { Encode = Encode + sIn.substring(x, x + 1); }
        else { Encode = Encode + abto.substring(y, y + 1); }
    }
    return Encode;
}

Example:

var productID = Decode(querystring(Encode('productID'))).toString();

Reference: http://www.devx.com/vb2themax/Tip/19404

Leave a Reply