Data Encryption with Php and MySql is very important. Some programmers wonder about the methods and implementation of different processes for data encryption. In this article we are going to discuss a sure way to encrypt your data with Open SSL before storing it in MySql. UPDATE: I posted a newer version of this tutorial here. BEST PHP ENCRYPTION DECRYPTION MYSQL TUTORIAL | PROACTIVE METHODS (a1websitepro.com) I am sure you will find it more informative with more codes to examine and download. The short end of the story is you must have a key to lock and unlock the data. This tutorial is for advanced data technicians, but we are going to make it simple so anyone can understand.

Update: This does not work in PHP 8+

Data Encryption Key With Php

You need to set a data encryption key. We can store this key on a separate server, but this is for another tutorial. The key can be short or long and can contain numbers, letters and symbols. You can use uppercase or lowercase letters. I recommend making it at least 45 characters long. Here is an example.

$key = 'qkwjdiw239&&jdafweihbrhnan&^%$ggdnawhd4njshjwuuO';

Encrypt Function in PHP

The magic happens with the encrypt function in Php. Here is a little gem that you will use repeatedly in the future. This takes all the data you entered and encrypts it. You will want to use this to encrypt all your private data before inserting it into a database.  We use base 64 decode to begin the operation. I know what you're thinking, that you can just go to some decode website like this and decode the string.  Well, think again my friend because we are going to use open random ssl pseudo bytes to make this string as complicated as possible. Then we are going to use openssl encrypt. Next we user aes-256-cbc which is NOT CRACKABLE without the key. Finally, we return the base 64 encode encrypted string and surprise. We have an encrypted string.

function encryptthis($data, $key) {
$encryption_key = base64_decode($key);
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
$encrypted = openssl_encrypt($data, 'aes-256-cbc', $encryption_key, 0, $iv);
return base64_encode($encrypted . '::' . $iv);
}

Decrypt Php Function

All of this means nothing if you cannot decrypt your string, right? Here is how you decrypt your string with a Php function. You will want to save this code snippet in your security arsenal as well. Once again we decode using base 64. Notice we have our key in there as well. Then we use the list function in PHP to interpret our array. Then we use openssl decrypt to decrypt our string with our key.

function decryptthis($data, $key) {
$encryption_key = base64_decode($key);
list($encrypted_data, $iv) = array_pad(explode('::', base64_decode($data), 2),2,null);
return openssl_decrypt($encrypted_data, 'aes-256-cbc', $encryption_key, 0, $iv);
}

Example of Php Encryption and Decryption

Here is a full working example of the above method in action. Feel free to use this, but make sure that you use a different key.

$key = 'qkwjdiw239&&jdafweihbrhnan&^%$ggdnawhd4njshjwuuO';

function encryptthis($data, $key) {
$encryption_key = base64_decode($key);
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc'));
$encrypted = openssl_encrypt($data, 'aes-256-cbc', $encryption_key, 0, $iv);
return base64_encode($encrypted . '::' . $iv);
}

function decryptthis($data, $key) {
$encryption_key = base64_decode($key);
list($encrypted_data, $iv) = array_pad(explode('::', base64_decode($data), 2),2,null);
return openssl_decrypt($encrypted_data, 'aes-256-cbc', $encryption_key, 0, $iv);
}

if(isset($_POST['submit'])){
$data=$_POST['foo'];
$encrypted=encryptthis($data, $key);
$decrypted=decryptthis($encrypted, $key);
echo '<h2>Original Data</h2>';
echo '<p>'.$data.'</p>';
echo '<h2>Encrypted Data</h2>';
echo '<pre>'.$encrypted.'</pre>';
echo '<h2>Decrypted Data</h2>';
echo '<p>'.$decrypted.'</p>';
}

echo '<form method="post">
<input type="text" name="foo">
<input type="submit" name="submit" value="submit">
</form>';