Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We've moved the forum!

Please use forum.silverstripe.org for any new questions (announcement).
The forum archive will stick around, but will be read only.

You can also use our Slack channel or StackOverflow to ask for help.
Check out our community overview for more options to contribute.

Archive /

Our old forums are still available as a read-only archive.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo

Encrypted Fields


Go to End


13 Posts   3739 Views

Avatar
Blackdog

Community Member, 156 Posts

22 April 2008 at 11:55pm

Simon,

you are right.

Ok so I have gone ahead and used a Xor encryption method which works fine.

My problem now is trying to pinpoint when and how to decrypt it for display to the admin. Basically on a member signup a field is encrypted and it needs to be visible to the admin only.

For example when I push the field through to a the member detail popup how am I able to access that info before it is displayed?

eg. $fields->push(new TextField("PromoCode", "Promo Code"));

How would I decrypt PromoCode if it was encrypted?

thanks, hope you can help.

Avatar
Sam

Administrator, 690 Posts

23 April 2008 at 12:21am

I suggest that you define a function on your data object

function getDecryptedPromoCode() {
if(Permission::check("ADMIN")) return decryptsomehow($this->PromoCode);
else return "(secret)";
}

A function that starts with "get" can be used as a getter; this means that $obj->DecryptedPromoCode will return the decrypted value.

This means that you can create a form with a field, DecryptedPromoCode, and it will show you the decrypted promo code. The permission check will mean that if you mistakenly show this field to an admin that it won't be a security hole. This is important: security should be implemented in the DataObject layer, and not in the controller/form layer.

If you want to update the field, you will need to define setDecryptedPromoCode() as well.

You might do away with the onBeforeWrite() altogether, and instead do this encryption in setDecryptedPromoCode().

Avatar
Blackdog

Community Member, 156 Posts

23 April 2008 at 12:29am

Thanks Sam I will give that a hit.

Avatar
Blackdog

Community Member, 156 Posts

23 April 2008 at 2:44am

Edited: 23/04/2008 2:48am

ok I am racking my brains on this.

I am extending the Memeber Data Object from what I have learnt from the Forum mod.

So do I need to use the getDecryptedPromoCode() function within the Member DataObject of in a new Data Object which references that?

I keep getting Fatal error: Call to undefined function notices when I try to use getDecrypt.....

I am happy to pay someone to tell me... i am pulling hair out!

Avatar
Blackdog

Community Member, 156 Posts

23 April 2008 at 10:19am

Edited: 23/04/2008 10:29am

ok I slept on it, then got up followed through what you said with a clear head and it worked first time.

thanks Sam, I owe ya one.

EDIT

For anyone following this up here is something that tripped me up.

function getDecryptedPromoCode() {
if(Permission::check("ADMIN")) return decryptsomehow($this->owner->PromoCode);
else return "(secret)";
}

I missed "owner" in my calls and wondered why it was throwing errors. Once that was resolved it was all smooth sailing.

Go to Top