Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Encrypting Data using OnBeforeWrite


Reply


18 Posts   2911 Views

Avatar
zenmonkey

Community Member, 528 Posts

4 May 2012 at 2:01pm

I use it in Model Admin as well I just add the following function to my object
http://pastie.org/3856863

Then all you have to do is create a custom getter for the value to decrypt it. For instance if you encypted a field called FirstName just create:

protected function getFirstName() {
   $toDecrypt = $this->getField("FirstName");
   
    /* Decrypt encrypted string */
      $decrypted = $this->decryptInfo($toDecrypt);
      
      return $decrypted;
      
}

This is good because if you need to call FirstName in a FrontEnd template it will work as well

Avatar
cumquat

Community Member, 198 Posts

4 May 2012 at 9:27pm

You sir are a star.....

Got it working although not on the memberextension decorator but that will hopefully just be a small tweak but got it working on a standard dataobject.

Thanks again for your help and patience.

Mick

Avatar
cumquat

Community Member, 198 Posts

29 January 2014 at 4:45am

Edited: 29/01/2014 4:46am

Ok so it's been a while, im using SS3.12 and the previous function no longer work, well thats not 100% true they do indeed encrypt the data but they don't decrypt. Anyone got any pointers please.

public function onBeforeWrite() {
$td = mcrypt_module_open('rijndael-128', '', 'ecb', '');
/* Create the IV and determine the keysize length, use MCRYPT_RAND
* on Windows instead */
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
$ks = mcrypt_enc_get_key_size($td);
/* Create key */
$key = substr(md5('123'), 0, $ks);
/* Intialize encryption */
mcrypt_generic_init($td, $key, $iv);
//$toEncrypt = $this->getField("FirstName");
$toEncrypt = array (
$this->getField("FirstName"),
$this->getField("Surname")

);

$encrypted = array();
//$encrypted = mcrypt_generic($td, $toEncrypt);

foreach ($toEncrypt as $toBeEncrypted) {
if(!$toBeEncrypted){
array_push($encrypted, $toBeEncrypted);
} else {
$encryptedValue = mcrypt_generic($td, $toBeEncrypted);
array_push($encrypted, $encryptedValue);
}

}
//$toWrite = base64_encode($encrypted);
$this->FirstName = base64_encode($encrypted[0]);
$this->Surname = base64_encode($encrypted[1]);

/* Terminate encryption handler */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);

parent::onBeforeWrite();

}

the decrypt function,

protected function decryptInfo($toDecrypt) {
/* Open the cipher */
$td = mcrypt_module_open('rijndael-128', '', 'ecb', '');

/* Create the IV and determine the keysize length, use MCRYPT_RAND
* on Windows instead */
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
$ks = mcrypt_enc_get_key_size($td);

/* Create key */
$key = substr(md5('123'), 0, $ks);

/* Intialize encryption */
mcrypt_generic_init($td, $key, $iv);

//$sendToDec = base64_decode($toDecrypt2);

/* Decrypt encrypted string */
if(!$toDecrypt){
return "";
}
$decrypted = mdecrypt_generic($td, base64_decode($toDecrypt));
/* Terminate decryption handle and close module */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return $decrypted;

}


and finally the calling function to display the data on the page,

protected function getTheFirstName() {
$toDecrypt = $this->getField("FirstName");
$decrypted = $this->decryptInfo($toDecrypt);
return $decrypted;
}

I have no errors and nothing to go on, anyone able to help?

Mick

Avatar
zenmonkey

Community Member, 528 Posts

29 January 2014 at 5:08am

I'm not really an expert on mcrypt, however are you sure all the values are being passed correctly? The function returns a blank if their's no $toDecryt.

Avatar
cumquat

Community Member, 198 Posts

29 January 2014 at 5:53am

Hi ya,

ok i have taken another tack following on from another post and am now using

public function decryptedPassword($toDecrypt) {
$member = '10$6d10497550ed7b1cf62600';
return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($member), base64_decode($toDecrypt), MCRYPT_MODE_CBC, md5(md5($member))), "\0");
}

public function encryptPassword($password) {
$key = '10$6d10497550ed7b1cf62600';
return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $password, MCRYPT_MODE_CBC, md5(md5($key))));
}

this all works fine, hooorahh :o) a slight issue i'm now having is that the data i'm encrypting (names and some details) will then need to be edited and i need to be able to display the data in the form unencypted then re-encrypt without encrypting it twice incase it's not edited, do we think this needs to extra fields in the form to display the decrypted data and then on form submission that field is then encryted and replaces the original data?

did any of that make sense??

Mick

Avatar
cumquat

Community Member, 198 Posts

29 January 2014 at 5:58am

I answered my own question while writing it that does indeed seem to be what i need to do.

Cheers

Mick

Avatar
lozhowlett

Community Member, 146 Posts

24 July 2014 at 7:47pm

Hi Mick

Would you share your final working code?

Thanks

Avatar
cumquat

Community Member, 198 Posts

24 July 2014 at 7:50pm

Yea no worries i will need to go find it, it never got used in the end on that site, and i do remember having a bug but will go back through my stuff and find it, it may not be till Monday though as I'm about to go offsite for a few days.

Mick