Rory McKinley wrote:
Hi Sarah
This is more of a PHP question than a MySQL question as to my mind while it is all possible, the bulk of the work would need to be done on the PHP side. Assuming that you don't have the time to write all the necessary code from scratch, you might want to look for a content-management system (CMS) written in PHP and using MySQL that has some (ideally, all) the functionality that you require. This can serve as a good foundation and can be tweaked to your relevant requriements. A good place to start looking for this would be Sourceforge or google.
Take a look at http://opensourcecms.com - there you can actually demo the CMS before you download it. You can definitely work on an existing CMS and patch it to work with encrypted data storage. I recommend Mambo, as most of your SQL modifications are localized in one handy file (DISCLAIMER: I am a Mambo core developer). Maybe there are others that also take this approach.
I also agree with Shawn, that your best bet is to use a single server, ideally hosted by a hosting company that provides MySQL/PHP. This removes the need for replication to multiple machines, and you can just keep a regular backup copy on a local machine - also reduces some of your security concerns.
This has been discussed over at the NYPHP lists, and one of the ideas that I came up with was to use the user's password as the key to encrypt/decrypt all of their data in the database. In the event that Joe could actually view Sally's data, he wouldn't have her key to decrypt it so it would have little use. Ditto for h4x0rd00d, as he would have to brute force the key for every row in the database...
My favourite part of this design is that the 'key' is actually stored as an MD5 hash in the database as the user's password; and the only time the server sees it in the clear is when the user logs in. This can be added to the session (stored on the server, not in a cookie) so that it is resistant to tampering.
I'm considering this topic for a future article, if you are interested please contact me off-list ;)
-- Mitch
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
