Hi,
I use aes encryption for user passwords and I wonder if there is a way to encrypt other fields from other tables like "zip code" for example.
Is this possible ?
Encrypting content stored in DB
12 posts
• Page 1 of 1
Encrypting content stored in DBHi,
I use aes encryption for user passwords and I wonder if there is a way to encrypt other fields from other tables like "zip code" for example. Is this possible ?
Re: Encrypting content stored in DBYou can implement fieldname__serialize() and fieldname__unserialize() methods in your delegate class where you encrypt and decrypt your data.
Re: Encrypting content stored in DB
You lost me there Can you give me a link to an example or documentation ? Thank You !
Re: Encrypting content stored in DBfieldname__serialize() is called before saving data to the database to "serialize" it. You can perform encryption in this step.
fieldname__unserialize() is called just after loading data from the database to "unserialize" it. You can perform decryption in this step. I don't have any examples of unserialize of the top of my head, but you can check out http://xataface.com/wiki/Authenticating ... sers_table and http://xataface.com/wiki/Authenticating ... sers_Table for examples of using serialize to encrypt columns with custom encryption algorithms. Note that both of these examples use one-way encryption algorithms. If you want to be able to decrypt, you would need to use a 2-way algorithm. -Steve
Re: Encrypting content stored in DB
Can we use the AES_ENCRYPT and AES_DECRYPT functions that mySql has ?
Re: Encrypting content stored in DBYou could use these functions, although you would have to use a bit of a workaround since you can't override a particular column with a function like this. You would need to do this in two parts.
1. Set up the field to save using aes_encrypt by setting the following on the field definition in the fields.ini file:
Or something along these lines. -Steve
Re: Encrypting content stored in DB
Perfect, it works. Now if I can somehow make a button or a link to an action that actually shows the decrypted value only when run. It currently creates a new column that lists all values decrypted. I would like to use this for a list of passwords stored in a database.
Re: Encrypting content stored in DBI see. It is probably best not to use the approach I described then. If I were you, I would create a custom action that just retrieves the decrypted password. Set the permissions to that users can only access this action to retrieve their own password. Then just use a mysql_query() with your aes_decrypt() call to retrieve this value manually.
Once you have an action that does this, you can add an AJAX call anywhere in the interface to obtain this password. Or if you don't want to use AJAX, just create a normal HTML action that includes the decrypted password in its output. -Steve
Re: Encrypting content stored in DB
That would be an ideea.... I'm still thinking how to do this. I have these tables that contain information about websites, the links to the administration panels and username and passwords. My goal is to encrypt the passwords stored in the database and also display the decrypted passwords only when clicked, like within a additional pop-up page or some other form just not in pure plain sight as a list.
Re: Encrypting content stored in DB
Is that a question about how to create custom actions in Xataface to achieve this, or are you just mulling over your options out loud? -Steve
Re: Encrypting content stored in DB
I was thinking loudly, yes !
Re: Encrypting content stored in DBI succeeded using the grafted field method !
Thank You !
12 posts
• Page 1 of 1
Who is onlineUsers browsing this forum: No registered users and 1 guest |