Trying to write a simple encrypt/decrypt function in php

Question

I want to create an 'activation' key when someone joins my website. This will be emailed to them and when they click the link it will activate their account. I want to incorporate some information in the activation key (nothing major from a security point of view - simply what page they were on when they registered etc so I can redirect them back to that page).

I have the following:

// THIS TO ENCRYPT THE DATA
$secret_key = "This is my SeCrEt key";
$etype = MCRYPT_RIJNDAEL_256;
$iv = mcrypt_create_iv(mcrypt_get_iv_size($etype, MCRYPT_MODE_ECB), MCRYPT_RAND);
$output = mcrypt_encrypt($etype, $secret_key, $string_to_encrypt, MCRYPT_MODE_CBC, $iv);
$output = base64_encode ($output);
$output = urlencode($output);


// THIS TO DECRYPT THE DATA - THIS ISN'T WORKING?
$secret_key = "This is my SeCrEt key";
$etype = MCRYPT_RIJNDAEL_256;
$iv = mcrypt_create_iv(mcrypt_get_iv_size($etype, MCRYPT_MODE_ECB), MCRYPT_RAND);

$string_to_decrypt = urldecode($string_to_decrypt);
$string_to_decrypt = base64_decode($string_to_decrypt);
$output = mcrypt_decrypt($etype, $secret_key, $string_to_decrypt, MCRYPT_MODE_CBC, $iv);

I am using the base64 encoding and urlencoding because I'll be emailing the link.

The decryption doesn't work at all. Any ideas?

Answer 1

The IV must be the same for a particular encryption/decryption.