• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
is_unique for encrypted data

#1
Hi to all...
I decide to encrypt user's sensitive data (tel, address,...) using CI encryption library. In form validation rules, for some fields like mobile number, I used is_unique[table.field]. But for encrypted data, it is useless!
Is there anyway to solve this or I must write a callback function in form validation rules (a function that get a field, encrypted it and then compare it to all records)?
I want to know also your opinion for encrypting these data.

thanks.
Reply

#2
(03-13-2017, 04:58 PM)pb.sajjad Wrote: Hi to all...
I decide to encrypt user's sensitive data (tel, address,...) using CI encryption library. In form validation rules, for some fields like mobile number, I used is_unique[table.field]. But for encrypted data, it is useless!
Is there anyway to solve this or I must write a callback function in form validation rules (a function that get a field, encrypted it and then compare it to all records)?
I want to know also your opinion for encrypting these data.

thanks.

Hi! Im new to CodeIgniter. How can you display encrypted data from the database to a, for example, a html table? Is there a function to decrypt an encrypted data? Im not sure but I think your idea to encrypt sensitive information is a good idea.
Reply

#3
(03-14-2017, 08:08 AM)dunkindonato Wrote: Hi! Im new to CodeIgniter. How can you display encrypted data from the database to a, for example, a html table? Is there a function to decrypt an encrypted data? Im not sure but I think your idea to encrypt sensitive information is a good idea.

Yes, you can just use

$this->encryption->decrypt($row->mobile)

for example to display in html as plain text
Reply

#4
(03-14-2017, 08:08 AM)dunkindonato Wrote:
(03-13-2017, 04:58 PM)pb.sajjad Wrote: Hi to all...
I decide to encrypt user's sensitive data (tel, address,...) using CI encryption library. In form validation rules, for some fields like mobile number, I used is_unique[table.field]. But for encrypted data, it is useless!
Is there anyway to solve this or I must write a callback function in form validation rules (a function that get a field, encrypted it and then compare it to all records)?
I want to know also your opinion for encrypting these data.

thanks.

Hi! Im new to CodeIgniter. How can you display encrypted data from the database to a, for example, a html table? Is there a function to decrypt an encrypted data? Im not sure but I think your idea to encrypt sensitive information is a good idea.

First, you need to set up an encryption key in config/config.php, for example:
PHP Code:
$config['encryption_key'] = hex2bin('6a9f0dasfdklf890qwqwea0c7f2e7c67'); 

After initializing the encryption library in your controller (or autoload it):

PHP Code:
$this->load->library('encryption'); 


You could encrypt data with:

PHP Code:
$this->encryption->encrypt($var); 

And decrypt it with:

PHP Code:
$this->encryption->decrypt($var); 

More details on CI documentation.
Reply

#5
You will need to add your own is_unique validation method. This method needs changing anyway as it only works on records that you are inserting. When updating a record it will fail because the method does not check if the posted update matches the found record.

As for the encrypted data. Create your own is_unique method and just encrypt the value before using it in your query

PHP Code:
public function is_unique($str$field)
{
 
   $this->CI->load->library('encryption');
 
   $encrypted_str $this->CI->encryption->encrypt($str);

 
   sscanf($field'%[^.].%[^.]'$table$field);
 
   return isset($this->CI->db)
 
       ? ($this->CI->db->limit(1)->get_where($table, array($field => $encrypted_str))->num_rows() === 0) : FALSE;

Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


Users browsing this thread:
1 Guest(s)


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2017 MyBB Group.