If you don't want to save strings in clear text, there are new php functions (php >= 5.3.0) that can be of help; openssl_encrypt() and openssl_decrypt().
Original Text:
Value to be encrypt & decrypt
Encrypted Text =
RjFhMElpR0VzMVlPeVdtREVraFJzYnhnNXZ4ck4vSmhRVUtXWXJoUzBVWT0=
Decrypted Text
Value to be encrypt & decrypt
SUCCESS
Or (This will carry IV with encrypted text itself):
<?php
define("SSL_SECRET_KEY", "SSL_SECRET_KEY");
define("SSL_SECRET_IV", "SSL_SECRET_IV");
define("SSL_ENCRYPTION_METHOD", "AES-256-CBC");
define("SSL_SECRET_IV_SIZE", openssl_cipher_iv_length(SSL_ENCRYPTION_METHOD));
function encryptData($string)
{
$key = hash('sha256', SSL_SECRET_KEY);
/* If you want random IV */
//$iv = openssl_random_pseudo_bytes(SSL_SECRET_IV_SIZE);
$iv = substr(hash('sha256', SSL_SECRET_IV), 0, SSL_SECRET_IV_SIZE);
$output = openssl_encrypt($string, SSL_ENCRYPTION_METHOD, $key, 0, $iv);
return base64_encode($output);
}
function decryptData($string)
{
$key = hash('sha256', SSL_SECRET_KEY);
$iv = substr(hash('sha256', SSL_SECRET_IV), 0, SSL_SECRET_IV_SIZE);
return openssl_decrypt(base64_decode($string), SSL_ENCRYPTION_METHOD, $key, 0, $iv);
}
$REQUEST_URI = isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : "";
if (strpos($REQUEST_URI, "enc.php") !== false) {
$plain_txt = "Value to be encrypt & decrypt";
echo "Original Text = $plain_txt<br/>";
$encrypted_txt = encryptData($plain_txt);
echo "Encrypted Text = $encrypted_txt<br/>";
$decrypted_txt = decryptData($encrypted_txt);
echo "Decrypted Text = $decrypted_txt<br/>";
if ($plain_txt === $decrypted_txt) echo "SUCCESS";
else echo "FAILED";
echo "<br/>";
}
Original Text:
Value to be encrypt & decrypt
Encrypted Text =
RjFhMElpR0VzMVlPeVdtREVraFJzYnhnNXZ4ck4vSmhRVUtXWXJoUzBVWT0=
Decrypted Text
Value to be encrypt & decrypt
SUCCESS
Or (This will carry IV with encrypted text itself):
<?php
define("SSL_SECRET_KEY", "xorxorxorxorxor");
define("SSL_ENCRYPTION_METHOD", "AES-256-CBC");
define("SSL_SECRET_IV_SIZE", openssl_cipher_iv_length(SSL_ENCRYPTION_METHOD));
function encryptData($string)
{
$key = hash('sha256', SSL_SECRET_KEY);
$iv = openssl_random_pseudo_bytes(SSL_SECRET_IV_SIZE);
$output = openssl_encrypt($string, SSL_ENCRYPTION_METHOD, $key, 0, $iv);
return base64_encode($iv . ":" . $output);
}
function decryptData($string)
{
$string = explode(":", base64_decode($string));
$key = hash('sha256', SSL_SECRET_KEY);
return openssl_decrypt($string[1], SSL_ENCRYPTION_METHOD, $key, 0, $string[0]);
}
$plain_txt = "Value to be encrypt & decrypt";
echo "Original Text = $plain_txt<br/>";
$encrypted_txt = encryptData($plain_txt);
echo "Encrypted Text = $encrypted_txt<br/>";
$decrypted_txt = decryptData($encrypted_txt);
echo "Decrypted Text = $decrypted_txt<br/>";
if ($plain_txt === $decrypted_txt) echo "SUCCESS";
else echo "FAILED";
echo "<br/>";
Original Text:
Value to be encrypt & decrypt
Encrypted Text:
NfDWpobv5RGaC29EpXvP7Dp2WkJjN2pETmdPendsZkdsMnBVQXBTK2pRekJTNkhlTndEdTRGd3h6eHpFPQ==
Decrypted Text:
Value to be encrypt & decrypt
SUCCESS