As one of the most flexible PHP frameworks, CakePHP lets you do pretty much whatever you want. In this blog entry I will be going over how to encrypt fields in your database.

As a preface to this, just encrypting data does not implicitly guarantee security. How data is stored, how it’s accessed and how the credentials for access are stored are all integral to the security of the data: just encrypting a field doesn’t mean it’s safe. Similarly, trying to hide data using unusual techniques is not a reliable method of security: security by obscurity is not security. Finally, the methods outlined in this post should never be used to store passwords, as encryption is reversible, whereas hashing is a one-way operation: see here.

With all that said and done, let’s get started. In the hypothetical situation outlined in this post, we will be encrypting the postal address stored for each user in the CakePHP system.

CakePHP is an open source PHP development framework, based on the Model View Controller pattern, that we use here at NuBlue. The very basic explanation of MVC is that the Model retrieves and saves data to and from the application database, the Controller takes data from the Model, performs logic on it, and sends the data to the View, and the View renders the data for the user, and sends requests to the Controller to save or retrieve data.

In our case, we want the user model to decrypt data after it is retrieved and encrypt data before it is saved. There are two hooks in CakePHP that we can use to achieve this: beforeSave and afterFind. beforeSave is called before data is saved into the database and afterFind is called after database data is retrieved.

Both of these functions exist in the parent model, which all application models inherit from; by default both do nothing and do not modify data in any way. Including them in our user model, which will be User.php in app/models, will say to Cake: “Don’t use the standard beforeSave or afterFind, use the ones we define here”. In our instance, let’s say the user has the following fields:

  • Id – the unique user id
  • Username – the unique username of the user
  • Password – the stored hash of the password
  • Email – the email associated with the user
  • Address – the postal address of the user.

If we want to intercept the address data going into and out of the database, the two functions would look like this:

This isn’t inherently useful to us, as all it does is replace the address with nonsense; the data is passed in, we edit it, it goes out again. To actually encrypt and decrypt the data, we are going to rely on Cake’s excellent security helper.
The functions themselves take the form of:

Where Security::rijndael is the function that encrypts and decrypts data, and the inputs to the function are:

  • $plainTextInput – The text we want to encrypt, in our case: the address.
  • Configure::read('Security.addressCrypKey') – The encryption key.
  • encrypt – Whether we want to encrypt or decrypt the text provided

Configure::read('Security.addressCrypKey') will return a string that we will define in core.php in the Config folder:

This is required for the encryption to work. Make sure it’s a long string (the bare minimum is 32 characters) with lots of random characters, certainly not the example used above!

So, combining everything above, we can use:

So now, the database will only store the encrypted version of the address, and the user, View and Controller will be oblivious to the changes. If you get an error saying “Class ‘Security’ not found” add

to the top of your User model.
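The following sketch puts the steps above together in one model. It is an added example, not the code from the original post, and it covers the primary find result shape only. It assumes a CakePHP 2.x layout (`app/Model/User.php`, `App::uses`); the helper name `_cryptAddress`, the base64 wrapping and the placeholder key are assumptions made for illustration.

```php
<?php
// app/Model/User.php (CakePHP 2.x layout assumed; added example, not the post's code).
// Assumes core.php defines the key, for example:
//   Configure::write('Security.addressCrypKey', '<PLACEHOLDER: 32+ random characters>');
App::uses('AppModel', 'Model');
App::uses('Security', 'Utility');

class User extends AppModel {

    // Hypothetical helper: encrypt or decrypt one value with Security.addressCrypKey.
    // $operation is 'encrypt' or 'decrypt', as Security::rijndael expects.
    protected function _cryptAddress($text, $operation) {
        $key = Configure::read('Security.addressCrypKey');
        if (!is_string($key) || strlen($key) < 32) {
            // Fail closed instead of saving or returning data with a bad key.
            throw new CakeException('Security.addressCrypKey is missing or too short');
        }
        return Security::rijndael($text, $key, $operation);
    }

    // Runs before every save: replace the plaintext address with ciphertext.
    public function beforeSave($options = array()) {
        if (!empty($this->data[$this->alias]['address'])) {
            // base64 keeps the binary ciphertext intact in a text column
            // (an addition here; the post stores the rijndael output directly).
            $this->data[$this->alias]['address'] = base64_encode(
                $this->_cryptAddress($this->data[$this->alias]['address'], 'encrypt')
            );
        }
        return true; // returning false would abort the save
    }

    // Runs after every find: swap ciphertext back to plaintext in each row.
    public function afterFind($results, $primary = false) {
        foreach ($results as $i => $row) {
            if (empty($row[$this->alias]['address'])) {
                continue; // field not selected, or no address stored
            }
            $raw = base64_decode($row[$this->alias]['address'], true);
            if ($raw === false) {
                continue; // not valid base64: leave the value untouched
            }
            $results[$i][$this->alias]['address'] = $this->_cryptAddress($raw, 'decrypt');
        }
        return $results;
    }
}
```

Security::rijndael relies on PHP's mcrypt extension, which is no longer bundled as of PHP 7.2, so check that it is available before depending on this.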

Hope this helps with your CakePHP baking!

NuBlue is an award winning CakePHP web design Company and a UK CakePHP web hosting provider. Please get in touch and we will be happy to discuss your requirements.

 

Image courtesy of Nino Barbieri.
