Am Mittwoch, 12. Januar 2005 11:13 schrieb Shaun:
> Hi,
>
> I have site that allows users to upload private information to our server.
> We would like to encrypt the data for security reasons and only allow
> certain users to be able to un-encrypt the data and view it. I have looked
> at the PHP encryption functions and they appear to be one way algorithms -
> I am guessing this is the whole point of encrption ;)
>
> Does anyone have any suggestions regarding this?
>
> Many thanks
hey :)
you should use the mcrypt_* functions. Look at the manual pages,
you will find there many examples.
Here are some functions i use for encryption of private data,
may they help you:
/**
* mcrypt iv generieren
*/
if(!isset($_SESSION['MCRYPT_IV'])) {
$_SESSION['MCRYPT_IV']=
mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC),
MCRYPT_DEV_URANDOM);
}
/**
* Encryption
*
* @param String input - unencrypted string
* @return String encrypted string
*/
function encrypt($input) {
$encrypted= mcrypt_encrypt(MCRYPT_BLOWFISH, SECRET, $input,
MCRYPT_MODE_CBC, $_SESSION['MCRYPT_IV']);
$encoded= base64_encode($encrypted);
return
$encoded;
}
/**
* Decryption
*
* @param String input - encrypted string
* @return String - decrypted string
*/
function decrypt($input) {
$decoded= base64_decode($input);
$decrypted= mcrypt_decrypt(MCRYPT_BLOWFISH, SECRET, $decoded,
MCRYPT_MODE_CBC, $_SESSION['MCRYPT_IV']);
return
rtrim($decrypted);
}
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
