Jump to:

23355 Posts in 17734 Topics by 2862 members

General Questions

SilverStripe Forums » General Questions » Encrypting Data using OnBeforeWrite

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1 2
Go to End
Author Topic: 2241 Views
  • zenmonkey
    Avatar
    Community Member
    527 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    I use it in Model Admin as well I just add the following function to my object
    http://pastie.org/3856863

    Then all you have to do is create a custom getter for the value to decrypt it. For instance if you encypted a field called FirstName just create:

    protected function getFirstName() {
       $toDecrypt = $this->getField("FirstName");
       
        /* Decrypt encrypted string */
          $decrypted = $this->decryptInfo($toDecrypt);
          
          return $decrypted;
          
    }

    This is good because if you need to call FirstName in a FrontEnd template it will work as well

  • cumquat
    Avatar
    Community Member
    189 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    You sir are a star.....

    Got it working although not on the memberextension decorator but that will hopefully just be a small tweak but got it working on a standard dataobject.

    Thanks again for your help and patience.

    Mick

  • cumquat
    Avatar
    Community Member
    189 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    Ok so it's been a while, im using SS3.12 and the previous function no longer work, well thats not 100% true they do indeed encrypt the data but they don't decrypt. Anyone got any pointers please.

    public function onBeforeWrite() {
    $td = mcrypt_module_open('rijndael-128', '', 'ecb', '');
    /* Create the IV and determine the keysize length, use MCRYPT_RAND
    * on Windows instead */
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
    $ks = mcrypt_enc_get_key_size($td);
    /* Create key */
    $key = substr(md5('123'), 0, $ks);
    /* Intialize encryption */
    mcrypt_generic_init($td, $key, $iv);
    //$toEncrypt = $this->getField("FirstName");
    $toEncrypt = array (
    $this->getField("FirstName"),
    $this->getField("Surname")

    );

    $encrypted = array();
    //$encrypted = mcrypt_generic($td, $toEncrypt);

    foreach ($toEncrypt as $toBeEncrypted) {
    if(!$toBeEncrypted){
    array_push($encrypted, $toBeEncrypted);
    } else {
    $encryptedValue = mcrypt_generic($td, $toBeEncrypted);
    array_push($encrypted, $encryptedValue);
    }

    }
    //$toWrite = base64_encode($encrypted);
    $this->FirstName = base64_encode($encrypted[0]);
    $this->Surname = base64_encode($encrypted[1]);

    /* Terminate encryption handler */
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);

    parent::onBeforeWrite();

    }

    the decrypt function,

    protected function decryptInfo($toDecrypt) {
    /* Open the cipher */
    $td = mcrypt_module_open('rijndael-128', '', 'ecb', '');

    /* Create the IV and determine the keysize length, use MCRYPT_RAND
    * on Windows instead */
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_RANDOM);
    $ks = mcrypt_enc_get_key_size($td);

    /* Create key */
    $key = substr(md5('123'), 0, $ks);

    /* Intialize encryption */
    mcrypt_generic_init($td, $key, $iv);

    //$sendToDec = base64_decode($toDecrypt2);

    /* Decrypt encrypted string */
    if(!$toDecrypt){
    return "";
    }
    $decrypted = mdecrypt_generic($td, base64_decode($toDecrypt));
    /* Terminate decryption handle and close module */
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);
    return $decrypted;

    }


    and finally the calling function to display the data on the page,

    protected function getTheFirstName() {
    $toDecrypt = $this->getField("FirstName");
    $decrypted = $this->decryptInfo($toDecrypt);
    return $decrypted;
    }

    I have no errors and nothing to go on, anyone able to help?

    Mick

  • zenmonkey
    Avatar
    Community Member
    527 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    I'm not really an expert on mcrypt, however are you sure all the values are being passed correctly? The function returns a blank if their's no $toDecryt.

  • cumquat
    Avatar
    Community Member
    189 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    Hi ya,

    ok i have taken another tack following on from another post and am now using

    public function decryptedPassword($toDecrypt) {
    $member = '10$6d10497550ed7b1cf62600';
    return rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($member), base64_decode($toDecrypt), MCRYPT_MODE_CBC, md5(md5($member))), "\0");
    }

    public function encryptPassword($password) {
    $key = '10$6d10497550ed7b1cf62600';
    return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $password, MCRYPT_MODE_CBC, md5(md5($key))));
    }

    this all works fine, hooorahh :o) a slight issue i'm now having is that the data i'm encrypting (names and some details) will then need to be edited and i need to be able to display the data in the form unencypted then re-encrypt without encrypting it twice incase it's not edited, do we think this needs to extra fields in the form to display the decrypted data and then on form submission that field is then encryted and replaces the original data?

    did any of that make sense??

    Mick

  • cumquat
    Avatar
    Community Member
    189 Posts

    Re: Encrypting Data using OnBeforeWrite Link to this post

    I answered my own question while writing it that does indeed seem to be what i need to do.

    Cheers

    Mick

    2241 Views
Page: 1 2
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.