Iam Using PHP & MySql for my web application. I have a requirement where I need to encrypt user specific information, say name & email_id.
$name = "Kevin John";
$encryptionMethod = "AES-256-CBC";
$secretHash = "25c6c7ff35b8879b151f2136cd13574";
$enc_name = openssl_encrypt($textToEncrypt, $encryptionMethod, $secretHash);
Iam storing this encrypted name in my database. But the real problem is that I need to search the users based on their name.For example:-
$qry = "select * from users where name like %john%";
Any suggestion appreciated
It is not suggested to encrypt the data that you want to search on.
or you can fetch all the data, decrypt and search if the row contains what you want on the app layer(I would not suggest this approach).
// Pseudocode $searchTerm = 'john'; $allNamesQuery = 'select * from users'; $allNamesData = execQuery($allNamesQuery); $suggestions = []; foreach($allNamesData as $row){ $row = decryptNameFromRow($row); if(contains($row['name'], $searchTerm)) array_push($suggestions, $row); } print_r($suggestions);
Please suggest if there are any alternatives.
You may have several options, some easy some not
Use AES Encryption & Decryption in SQL for implementing search on encrypted DB fields. syntax:-
AES_ENCRYPT('Text_to_encrypt', 'secret_key')
AES_DECRYPT('Text_to_decrypt', 'secret_key')
First encrypt & store the data in DB using AES Encryption in sql
INSERT INTO User (fname,email,mobile) VALUES (AES_ENCRYPT('Arun gopan', 'Qwfe345dgfdg'), AES_ENCRYPT('arun123@fa.com', 'Qwfe345dgfdg'),'9658475577');
Now you can query the DB using AES DECRYPT in sql for performing search operations.
SELECT AES_DECRYPT(fname,'Qwfe345dgfdg'), AES_DECRYPT(email,'Qwfe345dgfdg') FROM User WHERE AES_DECRYPT(fname,'Qwfe345dgfdg') LIKE '%Arun%';
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.