Protecting Sensitive Personal Data with Encryption
It is a common situation to want to store data about a person in a database. For example their name, address, phone number etc. In many countries it is illegal to store this data without some form of protection but even without such a law it is common courtesy to look after this data to the best of your ability. You don’t know how well your hosting company looks after this data so why take the risk. This data should be encrypted.
This tutorial will show you a simple example of a user registration system. It hasn’t been designed as a class you can plug in to your application. Instead it is a tutorial to show you how to use the mcrypt functions within your application.
This is not a complete solution to your security worries! You will almost certainly need to consider other factors to build a secure application but this is a good start. So if your hosting company (or government department!) puts your database on a couple of cds and puts them in the post (mail) you can sleep better at night knowing your data is safe.
The demo system asks users for 2 pieces of data:
and a real name
This data is then stored in a mySQL database. The username is stored as it is entered and the real name is stored encrypted.
The encryption key is stored in a file. Without it, it is not possible to determine the users real name.
The encryption is based on the mcrypt library which supports a wide variety of algorithms and modes of operation. I have chosen to use BLOWFISH in CBC mode.
The first thing to check before using this code is that your hosting has mcrypt available. The easiest way is to look in your phpinfo output and search for mcrypt. The other way is to try the demo and if it reports errors then you probably don’t have it!
It is best to create a config file that contains access details for your database and your secret encryption key. Make the key equal to 56 characters of random data. Don’t just change the odd character from what is below. Generate your own unique key. You can find many guides to creating random strings. There is a good one here
Also change the table name (demousers) to match your database table.
Save the following as config.php and upload it to your webserver. Locate it so that it is not accessible to web users if possible.
define ("DB_USER", "databaseuser");
define ("DB_PASSWORD", "password");
define ("THE_KEY", "thwkdyetrabdlp963gdmnsb49dhsrqi785hfipl;aw3467fbdjs713ga");
Here is a typical database table that works with the tutorial.
CREATE TABLE `demousers` (
`id` int(11) NOT NULL auto_increment,
`username` varchar(25) NOT NULL default '',
`realname` varchar(32) NOT NULL default '',
PRIMARY KEY (`id`)
) TYPE=InnoDB AUTO_INCREMENT=2 ;
Follow the link to view the code. Any questions post a comment.
Some rights are reserved. This work is licensed under a Creative Commons Attribution 3.0 License Please attribute Designertuts.com
You can see the the demo in action here. Sorry demo not available at the moment.