Original source: http://stackoverflow.com/questions/1391132/
Warning: these are provided under the CC BY-SA 4.0 license. You are free to use/share it, but you must attribute it to the original authors (not me): StackOverFlow
Two-way encryption in PHP
Asked by benjy
My application (obviously) uses a unique ID to distinguish records. This UID is passed in URLs (e.g. ./examplepage.php?UID=$example_int), among other things.
While I obviously have server-side validation in place to make sure clients don't access other clients' data, is there a two-way encryption method I can use in PHP to only pass encrypted UIDs (e.g. ./examplepage.php?EUID=$encrypted_int), to further reduce the chance of anyone thinking "hey, what happens if I increment this integer?"
TIA.
Accepted answer by scragar
Placing a hash next to the ID to ensure its security, or padding the ID with extra data, or even converting the ID to hex would all work fairly well I think.
Answer by espradley
PHP 5.3 has introduced a new encryption method that is really easy to use: openssl_encrypt and openssl_decrypt. It's not well-documented here, so here's a simple example:
$textToEncrypt = "My super secret information.";
$encryptionMethod = "AES-256-CBC"; // AES is used by the U.S. gov't to encrypt top secret documents.
$secretHash = "25c6c7ff35b9979b151f2136cd13b0ff";
//To encrypt
$encryptedMessage = openssl_encrypt($textToEncrypt, $encryptionMethod, $secretHash);
//To Decrypt
$decryptedMessage = openssl_decrypt($encryptedMessage, $encryptionMethod, $secretHash);
//Result
echo "Encrypted: $encryptedMessage <br>Decrypted: $decryptedMessage";
I chose 256-AES because it's solid and fast. It's been adopted by the U.S. gov't to encrypt top secret documents. It's fast considering machine and software. Here's a list of available encryption methods:
AES-128-CBC, AES-128-CFB, AES-128-CFB1, AES-128-CFB8, AES-128-ECB, AES-128-OFB, AES-192-CBC, AES-192-CFB, AES-192-CFB1, AES-192-CFB8, AES-192-ECB, AES-192-OFB, AES-256-CBC, AES-256-CFB, AES-256-CFB1, AES-256-CFB8, AES-256-ECB, AES-256-OFB, BF-CBC, BF-CFB, BF-ECB, BF-OFB, CAMELLIA-128-CBC, CAMELLIA-128-CFB, CAMELLIA-128-CFB1, CAMELLIA-128-CFB8, CAMELLIA-128-ECB, CAMELLIA-128-OFB, CAMELLIA-192-CBC, CAMELLIA-192-CFB, CAMELLIA-192-CFB1, CAMELLIA-192-CFB8, CAMELLIA-192-ECB, CAMELLIA-192-OFB, CAMELLIA-256-CBC, CAMELLIA-256-CFB, CAMELLIA-256-CFB1, CAMELLIA-256-CFB8, CAMELLIA-256-ECB, CAMELLIA-256-OFB, CAST5-CBC, CAST5-CFB, CAST5-ECB, CAST5-OFB, DES-CBC, DES-CFB, DES-CFB1, DES-CFB8, DES-ECB, DES-EDE, DES-EDE-CBC, DES-EDE-CFB, DES-EDE-OFB, DES-EDE3, DES-EDE3-CBC, DES-EDE3-CFB, DES-EDE3-CFB1, DES-EDE3-CFB8, DES-EDE3-OFB, DES-OFB, DESX-CBC, RC2-40-CBC, RC2-64-CBC, RC2-CBC, RC2-CFB, RC2-ECB, RC2-OFB, RC4, RC4-40, SEED-CBC, SEED-CFB, SEED-ECB, SEED-OFB, aes-128-cbc, aes-128-cfb, aes-128-cfb1, aes-128-cfb8, aes-128-ecb, aes-128-ofb, aes-192-cbc, aes-192-cfb, aes-192-cfb1, aes-192-cfb8, aes-192-ecb, aes-192-ofb, aes-256-cbc, aes-256-cfb, aes-256-cfb1, aes-256-cfb8, aes-256-ecb, aes-256-ofb, bf-cbc, bf-cfb, bf-ecb, bf-ofb, camellia-128-cbc, camellia-128-cfb, camellia-128-cfb1, camellia-128-cfb8, camellia-128-ecb, camellia-128-ofb, camellia-192-cbc, camellia-192-cfb, camellia-192-cfb1, camellia-192-cfb8, camellia-192-ecb, camellia-192-ofb, camellia-256-cbc, camellia-256-cfb, camellia-256-cfb1, camellia-256-cfb8, camellia-256-ecb, camellia-256-ofb, cast5-cbc, cast5-cfb, cast5-ecb, cast5-ofb, des-cbc, des-cfb, des-cfb1, des-cfb8, des-ecb, des-ede, des-ede-cbc, des-ede-cfb, des-ede-ofb, des-ede3, des-ede3-cbc, des-ede3-cfb, des-ede3-cfb1, des-ede3-cfb8, des-ede3-ofb, des-ofb, desx-cbc, rc2-40-cbc, rc2-64-cbc, rc2-cbc, rc2-cfb, rc2-ecb, rc2-ofb, rc4, rc4-40, seed-cbc, seed-cfb, seed-ecb, seed-ofb
IMPORTANT UPDATE!!!
Thanks Hobo and Jorwin for pointing out that in PHP 5.3.3 > there is a new parameter that makes this function a little more secure.
Jorwin referenced this link in his comment, and here is an excerpt that is applicable:
In 5.3.3 they added a new parameter, string $iv (initialization vector).
Real parameters are: string openssl_encrypt ( string $data , string $method , string $password, bool $raw_output = false, string $iv )
If $iv is missing, a warning is issued: "Using an empty Initialization Vector (iv) is potentially insecure and not recommended".
If $iv is too short, another warning: "IV passed is only 3 bytes long, cipher expects an IV of precisely 8 bytes, padding with \0"
same IV should be used in openssl_decrypt()
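Added example (not part of espradley's answer): one way to supply the $iv parameter from the excerpt above, generating a fresh random IV per message and carrying it in front of the ciphertext so openssl_decrypt() receives the same one. The helper names encryptWithIv()/decryptWithIv() and the sample key are assumptions; this shows IV handling only and adds no integrity check.

```php
<?php
// Added illustration; encryptWithIv()/decryptWithIv() are hypothetical helper names.
const METHOD = 'aes-256-cbc';

function encryptWithIv(string $plaintext, string $key): string
{
    // The IV must have exactly the length the cipher expects (16 bytes for AES-CBC).
    $iv = random_bytes(openssl_cipher_iv_length(METHOD));
    $raw = openssl_encrypt($plaintext, METHOD, $key, OPENSSL_RAW_DATA, $iv);
    if ($raw === false) {
        throw new RuntimeException('encryption failed');
    }
    // The IV is not secret: prepend it so the decrypting side can recover it.
    return base64_encode($iv . $raw);
}

function decryptWithIv(string $encoded, string $key): string
{
    $ivLen = openssl_cipher_iv_length(METHOD);
    $bin = base64_decode($encoded, true);
    if ($bin === false || strlen($bin) <= $ivLen) {
        throw new InvalidArgumentException('malformed input');
    }
    // Split the stored IV from the ciphertext and reuse it for decryption.
    $iv = substr($bin, 0, $ivLen);
    $plain = openssl_decrypt(substr($bin, $ivLen), METHOD, $key, OPENSSL_RAW_DATA, $iv);
    if ($plain === false) {
        throw new RuntimeException('decryption failed');
    }
    return $plain;
}

$key = random_bytes(32); // constructed sample key (32 bytes for AES-256)
$first = encryptWithIv('My super secret information.', $key);
$second = encryptWithIv('My super secret information.', $key);

// Same plaintext and key, but a new IV each call, so the outputs differ.
var_dump($first !== $second);
echo decryptWithIv($first, $key), PHP_EOL;
```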
Answer by caf
You don't need two-way encryption - encryption is for maintaining secrecy, but what you're really looking for here is authenticity.
HMACs (essentially, keyed hashes) are one way of getting cryptographic authenticity. Accompany the UID with a HMAC of the UID (PHP has a HMAC implementation), using a key that only the server knows. At the start of each request, check the HMAC.
Basically, use the right tool for the right job.
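Added example (not part of caf's answer): the UID accompanied by an HMAC and checked at the start of a request, as the answer describes. The helper names signUid()/verifyUid(), the "uid.mac" token layout and the sample key are assumptions.

```php
<?php
// Added illustration; signUid()/verifyUid() and the "uid.mac" layout are assumptions.

function signUid(int $uid, string $key): string
{
    // Keyed hash over the decimal UID; only the holder of $key can produce it.
    $mac = hash_hmac('sha256', (string) $uid, $key);
    return $uid . '.' . $mac;
}

function verifyUid(string $token, string $key): ?int
{
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2 || !ctype_digit($parts[0])) {
        return null; // malformed token
    }
    [$uid, $mac] = $parts;
    $expected = hash_hmac('sha256', $uid, $key);
    // hash_equals() compares in constant time, avoiding a timing side channel.
    return hash_equals($expected, $mac) ? (int) $uid : null;
}

// Constructed sample key; in an application this is a server-side secret.
$key = random_bytes(32);

$token = signUid(1042, $key);

// Simulate a client incrementing the integer while keeping the old MAC.
$tampered = '1043' . substr($token, 4);

var_dump(verifyUid($token, $key));    // valid token
var_dump(verifyUid($tampered, $key)); // incremented UID with stale MAC
var_dump(verifyUid('1042', $key));    // MAC missing entirely
```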
Answer by Miha Hribar
While PHP supports many two way hashing algorithms I do not see it being useful in this example. What you need to do is:
- Load the row from storage by the provided id
- Check that the owner of the row is the authenticated user and if not throw an exception and inform the user not to do that again
But if your heart is set on hashing just pick one of the algorithms provided.
Answer by rogeriopvl
Answer by Scott Arciszewski
First, encrypting URL parameters is usually a bad idea, and a separate lookup (based on an index CHAR column generated by a CSPRNG) is better for 99.9% of use cases.
With that said: Yes, you can use the OpenSSL extension (don't use mcrypt) to encrypt the data like espradley suggested, however I would caution you to not stop at merely encryption.
Encryption without message authentication is dangerous, especially if you're trusting an end-user with the ciphertext.
The solution, therefore, is to use authenticated encryption, which can be easily accessed with libsodium, available on PECL.
If you cannot for whatever reason install a PECL extension, there are two PHP libraries to choose from: defuse/php-encryption and zend-crypt. They both offer standards compliant authenticated encryption and they're both safe to use (for what it's worth, I frequently perform code audits for cryptography implementations in PHP, I'm not merely some random person on the internet).
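Added example (not part of Scott Arciszewski's answer): authenticated encryption of a UID with libsodium's secretbox, producing a URL-safe token that is rejected if any byte is altered. The helper names sealUid()/openUid() and the sample key are assumptions; it requires the sodium extension (bundled with PHP 7.2+, or installed from PECL).

```php
<?php
// Added illustration; sealUid()/openUid() are hypothetical helper names.

function sealUid(int $uid, string $key): string
{
    // A fresh random nonce per message; it is stored in front of the ciphertext.
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $box = sodium_crypto_secretbox((string) $uid, $nonce, $key);
    return sodium_bin2base64($nonce . $box, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING);
}

function openUid(string $euid, string $key): ?int
{
    try {
        $bin = sodium_base642bin($euid, SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING);
    } catch (SodiumException $e) {
        return null; // not valid base64url
    }
    $min = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
    if (strlen($bin) <= $min) {
        return null; // too short to hold nonce, MAC and data
    }
    $nonce = substr($bin, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($bin, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    // Returns false when the authentication tag does not verify.
    $plain = sodium_crypto_secretbox_open($cipher, $nonce, $key);
    if ($plain === false || !ctype_digit($plain)) {
        return null;
    }
    return (int) $plain;
}

// Constructed sample key; in an application this is a server-side secret.
$key = sodium_crypto_secretbox_keygen();

$euid = sealUid(1042, $key);

// Simulate a client modifying one character of the token.
$altered = $euid;
$altered[10] = ($altered[10] === 'A') ? 'B' : 'A';

echo $euid, PHP_EOL;
var_dump(openUid($euid, $key));    // untouched token
var_dump(openUid($altered, $key)); // modified token
```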

