Sending Encrypted Data via URL?

Another lesson learned.

I am working on my PayPal Adaptive Payments application and I want buyers to be able to report when books are received or not received. Being the clever type of guy I am, I decided I should encrypt the data being sent in the email like the pay key that PayPal sends when first creating a sale through the AP. It is only good for a few hours after it is created for finishing the transaction but it is a great number for tracking payments. But I don't want it getting out to just anybody.

I tried doing a straight encryption but that ends up with all sorts of garbage that is not URL compatible. Being the genius guru I am, I figured I would just urlencode it to fix that problem.

Didn't work.

Turns out that it is pretty much impossible to reverse this process. Ends up with some garbage coming out. Oh well.

Just for everyones' enjoyment, the site I'm working on is at http://www.donomall.com. You can get to the book section from there. Anybody wanting to comment on the sites can do so. I have thick skin. Usually. I am NOT a designer. Keep that in mind. :)