Encryption data?

Be careful of the performance impacts encryption may have on your queries. There is overhead you must consider.

Hi Yannick, I also store privacy sensitive information. Sc_encode and sc_decode are not enough for you?

1 Like

WOW !! Zaz. it’s perfect.

Thank you very much, so simple.

Be careful, this is encoding, not encrypting, this is the lowest level of security you can get, just after nothing

1 Like

I understand, it’s better than nothing. Do you know the encoding and decoding formula used?

No, I never used it before

Since I mostly use MySQL, the native encryption is almost as easy to use as sc_encode

AES, yes very simple, but too restrictive to use with Scriptcase.

Hi Zaz,

Do you have any idea how to encode data already in my database?
I want to encode the first and last name on my 2000 existing files?

Thanks

Hi Yannick,

You have to make a loop, reading the records, encode them and update them again. After that it is not so easy to work with searches and sorting. I also have a table of names and addresses. I have not encrypted the names, but the rest of the record has. Does that help you?

Ok for the loop. But, what is the name of the php function equivalent to sc_encode ()?

Hmmm, good point about research, might that not work anymore?

Thks

What do you mean equivalent? You can still use sc_encode?

Hi Zaz,

You have to make a loop, reading the records, encode them and update them again.

Are you talking about a php script outside of scriptcase?

It cannot be outside Scriptcase since you don’t know the encoding algorithm

hi Jboutin60,

How do I create a script inside Scriptcase at this time?

Where to put my php code (loop)?

Thanks

If I understand your problem, it need to be executed only one time

If so put it in onScriptInit of any app or create a blank one that will be executed only one time
Then remove or comment out your code

To be safe, add a field to specified if the info is already encode, so you don’t encode it 2 times

1 Like

Ok thank you, I understand, so simple !

when you have a form and insert a record how can you make it apply the native Mysql encryption?
do i have to put in the onbeforeinsert event a query with the AES_ENCRYPT function?

Thanks

To work with a form or grid you need to have 2 fields for the encrypted DATA. One plain field and one encrypted field set by default to ‘’.

You set up the form using the normal field and hide the encrypted field.

When you insert the data, the normal field will contain the plain info.

In the onAfterInsert or onAfterUpdate event you do an update of your info

$SQL = "UPDATE table SET encryptfield = AES_ENCRYPT({field}, UNHEX(SHA2('My secret passphrase',512))), field = '' WHERE ID = {ID}";
sc_exec_sql($SQL);

Now your encrypted field contain the data and the plain field is empty.

In the onLoad event decrypt your field so the form or grid work correctly.

Sorry I don’t have more time to explain this. Use this as a base for your project, check my syntax I didn’t test it.

A bit late to this game. MySQL uses built in encryption, meaning that in local non SSL networks, while the data is safe in the db, you have unencrypted data travelling around the network. The data is returned to the user unencrypted, and can be viewed with any packet sniffer anywhere in the network, and even MITM attacks can be made if the bad actor has access to the network and certificate.

For this reason, I prefer to encrypt and decrypt within the application, then when databases are stored on unencrypted (and encrypted networks), the data remains encrypted until the application decrypts. It is more efficient, too, as encryption is done on the local user machine.

Even though I have an up to date Scriptcase subscription, I still have to write most of my project DB applications in Visual Studio, because of customer requirements.

Actually, that depends on your configuration. See: https://dev.mysql.com/doc/refman/8.0/en/encrypted-connections.html

You can encrypt the data between the MySQL driver (client) and the database. And you can encrypt the database itself, so when stolen, the data cannot be extracted. But they are separate things.

1 Like