Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming how can searching encrypted data in through data base
how can searching encrypted data in through data base
  • El Forum
    Guest
  •  
#1
01-24-2011, 05:08 AM

[eluser]Unknown[/eluser]
Code:
function searchSubscribeUserDetails($offset = 0, $row_count = 0,$columnname,$searchword)
    {
        if($columnname=='Email')
        {
             $this->common->encryption($searchword);
        }
    if ($offset >= 0 and $row_count > 0)
    {
        $this->db->like($columnname,$searchword,'both');
        $this->db->select($this->_subsMasterTable.'.*,'.$this->_cityMasterTable.'.CityName');
        $this->db->join($this->_cityMasterTable, $this->_cityMasterTable.'.Id = '.$this->_subsMasterTable.'.CityId');
        $query = $this->db->get($this->_subsMasterTable,$row_count, $offset);
    }
    else
    {
        $this->db->like($columnname, $searchword,'both');
        $this->db->select("count(*) as total_rows");
        $this->db->join($this->_cityMasterTable, $this->_cityMasterTable.'.Id = '.$this->_subsMasterTable.'.CityId');
        $query = $this->db->get($this->_subsMasterTable);
    }
    return $query;
    }
Quote:email is encrypted in database.if we search astring of email than some of searc and some of not search like
'sandesh';//2. encrypted search string->c2FuZGVzaA==
'sandesh@yahoo.com'); 4.encrypted mail id in database->c2FuZGVzaEB5YWhvby5jb20=
but thorove above code i can't find mailid like sandesh
  • El Forum
    Guest
  •  
#2
01-24-2011, 07:35 AM

[eluser]obiron2[/eluser]
I don't think you can do that,

The SHA enryption is based on the whole string, not part of it, so just encryping the search term will not give you the same string as encrypting the whole thing.

you would need to hold the unencrypted email address on a secure server with a token ID and store the token ID in your database (this is how mail order companies hold your credit card details). The unencrypted search would be passed to the secure database which would return the token ID which you can then match to your records.

Obiron
  • El Forum
    Guest
  •  
#3
01-24-2011, 09:47 AM

[eluser]Cristian Gilè[/eluser]
[quote author="obiron2" date="1295897735"]I don't think you can do that,

The SHA enryption is based on the whole string, not part of it, so just encryping the search term will not give you the same string as encrypting the whole thing.

you would need to hold the unencrypted email address on a secure server with a token ID and store the token ID in your database (this is how mail order companies hold your credit card details). The unencrypted search would be passed to the secure database which would return the token ID which you can then match to your records.

Obiron[/quote]

It's not a SHA encryption but a base64 encoding.

@mankisun: You could keep two separate columns, one for the local-part and one for the domain name. For example the record for the sandesh@yahoo.com address becomes:

Code:
localpart   |domain
=========================
c2FuZGVzaA==|eWFob28uY29t

The @ symbol, in my example is not encoded.


Cristian Gilè




Theme © iAndrew 2016 - Forum software by © MyBB