使用PHP从mysql数据库解密某些字段
[英]Decrypting certain fields from a mysql database using PHP
问题描述
I have this PHP script 
我有这个PHP脚本
<?php
//assume this is the key, declared as variable $cipherKey in the file cipherkey.php.
include ('cipherkey.php')
class Cipher {
private $passKey;
private $iv;
function __construct( $inputKey ) {
$this->passKey = hash( 'sha256', $inputKey, true );
$this->iv = mcrypt_create_iv( 32 );
}
function encryptThis( $inputText ) {
$cipher = mcrypt_encrypt( MCRYPT_RIJNDAEL_256, $this->passKey,$inputText, MCRYPT_MODE_ECB, $this->iv );
$encrypted = base64_encode( $cipher );
return $encrypted;
}
function decryptThis( $inputText ) {
$decipher = mcrypt_decrypt( MCRYPT_RIJNDAEL_256, $this->passKey, base64_decode( $inputText ), MCRYPT_MODE_ECB, $this->iv );
$decrypted = trim( $decipher );
return $decrypted;
}
}
?>
This script is used to encrypt certain fields in a mysql database like this; 该脚本用于加密mysql数据库中的某些字段,如下所示:
if( isset( $prescRequester, $patientName, $patientDOB, $contactPhone, $medType1, medType1_dose, $medType1_freq, $pharmacyName, $pharmacyPhone ) ) {
$prep = $db->prepare(
"INSERT INTO renal_prescRequest(
date,
prescRequester,
patientRelationship,
patientName,
patientDOB,
contactPhone,
contactEmail,
physician,
medProvider,
medType1,
medType1_dose,
medType1_freq,
medType2,
medType2_dose,
medType2_freq,
medType3,
medType3_dose,
medType3_freq,
ninetyDaySupply,
pharmacyName,
pharmacyPhone,
comments
) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ? )
");
$prep->bind_param(
'ssssssssssssssssssssss',
$date,
$cipher->encryptThis( $prescRequester ),
$cipher->encryptThis( $patientRelationship ),
$cipher->encryptThis( $patientName ),
$cipher->encryptThis( $patientDOB ),
$cipher->encryptThis( $contactPhone ),
$cipher->encryptThis( $contactEmail ),
$physician,
$medProvider,
$cipher->encryptThis( $medType1 ),
$medType1_dose,
$medType1_freq,
$cipher->encryptThis( $medType2 ),
$medType2_dose,
$medType2_freq,
$cipher->encryptThis( $medType3 ),
$medType3_dose,
$medType3_freq,
$ninetyDaySupply,
$pharmacyName,
$pharmacyPhone,
$comments
);
$prep->execute();
$prep->close();
$db->close();
I am not this author of this code. 我不是此代码的作者。 But I am supposed to decrypt the encrypted fields. 但是我应该解密加密的字段。 So I did something like this ; 所以我做了这样的事情;
$cipher = new Cipher ( $cipherKey );
$id = $_GET['id'];
$query = "SELECT * FROM renal_clinicalTrial WHERE id = '".$id."'";
$result = mysql_query($query);
if(!$result){
die("Unable to perform query". mysql_error());
}
while($row = mysql_fetch_array($result)){
$firstname = $row[firstName];
$lastname = $row[lastName];
$address = $row[address];
$city = $row[city];
$state = $row[state];
$zipcode = $row[zipcode];
$email = $row[contactEmail];
$phone = $row[contactPhone];
$cipher->decryptThis($firstname);
$cipher->decryptThis($lastname);
$cipher->decryptThis($address);
$cipher->decryptThis($city);
$cipher->decryptThis($state);
$cipher->decryptThis($zipcode);
$cipher->decryptThis($email);
$cipher->decryptThis($phone);
When i display the fields to the browser, I get the encrypted data instead of the decrypted data. 当我向浏览器显示字段时,我得到的是加密数据而不是解密数据。 Is there something I am overlooking here. 有什么我在这里忽略的东西吗? Thanks! 谢谢!
1 个解决方案
解决方案1
1 2013-12-25 10:54:44
The Cipher decryptThis() method returns a value, so you need to assign that returned value 密码decryptThis()方法返回一个值,因此您需要分配该返回值
$firstname = $cipher->decryptThis($firstname);
.... etc
or modify the method to accept its argument by reference instead of by value (but not advised to retain consistency in the calls) 或修改方法以by reference而不是by value接受其参数(但不建议在调用中保持一致性)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.