However, I currently have a need to extract and decode that data. I need a two way function.
Curtis On Sun, 16 Feb 2003, Michael T. Babcock wrote: > Curtis Maurand wrote: > > >need to encrypt data and then retrieve it later (credit card data). I could > >probably pass it through and md5 or des function via openssl I suppose and > >then store it. Perl and PHP both have functions to handle that. > > > > > > Just to be a security nut, you shouldn't use the encryption functions in > MySQL at all unless you're always connecting (guaranteed) to the server > as localhost (and always will be). You should always do your > encryption/decryption/hashing in your program and then do the queries > based on that data. Download a copy of mcrypt and mhash and you'll see > that they're quite easy to use. openssl is another option if you feel > so inclined. > > For example: > > $pass = "..."; > $pass_md5 = md5sum($pass); > mysql_query('update users set password = "$pass_md5" where id = $id'); > > or > > $res = mysql_query('select password from users where id = $id'); > $row = mysql_fetch_array($res); > if ($row['password'] != $pass_md5) die("Bad password"); > > This way, the data going over the MySQL link is already secure before it > goes over your network or leaves your program. > > --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php