Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>Well this might be a bit naive, but how about simply encrypting on the server [php I assume] side before you write to the DB and then decrypting it back when you do reads ? It looks like your issue is you don't want a server admin to <strong><em>easily</em></strong> read your data. If you use Symfony, you can probably do this deep enough in the model that your code won't have to change.</p> <hr> <p>After some digging, here is how I would do it if I were feeling particularly brave.</p> <p>Edit buildParams() in xxx/symfony/vendor/propel/util/BasePeer.php, on like 860 you will find </p> <pre><code>$params[] = array('column' =&gt; $crit-&gt;getColumn(), 'table' =&gt; $crit-&gt;getTable(), 'value' =&gt; $crit-&gt;getValue()); </code></pre> <p>change to </p> <pre><code>$params[] = array('column' =&gt; $crit-&gt;getColumn(), 'table' =&gt; $crit-&gt;getTable(), 'value' =&gt; your_encryption_method($crit-&gt;getValue())); </code></pre> <p>(unless I missed something) all symfony/propel writes to the database will eventually end up calling that function, so everything you write to the db gets encrypted with your_encryption_method(). </p> <p>Try this out and if it works and you're <strong>still</strong> feeling brave, modify the addHydrate() function in xxx/symfony/vendor/propel-generator/classes/propel/engine/builder/om/php5/PHP5BasicObjectBuilder.php (line 668) so that the hydrate() code propel generates for you when you call <strong>symfony propel-build-model</strong> or <strong>symfony-propel-build-all</strong> will automatically decrypt everything from the database. </p> <p>it should currently look like</p> <pre><code> case PropelTypes::DATE: case PropelTypes::TIME: case PropelTypes::TIMESTAMP: $script .= " \$this-&gt;$clo = \$rs-&gt;get$affix(\$startcol + $n, null); "; break; default: $script .= " \$this-&gt;$clo = \$rs-&gt;get$affix(\$startcol + $n); "; </code></pre> <p>you want to modify it to something along the lines of</p> <pre><code>case PropelTypes::DATE: case PropelTypes::TIME: case PropelTypes::TIMESTAMP: $script .= " \$this-&gt;$clo = \$rs-&gt;get$affix(\$startcol + $n, null); "; break; default: $script .= " \$this-&gt;$clo = \my_decryption_function($rs-&gt;get$affix(\$startcol + $n)); "; </code></pre> <p>After you make this change, run symfony propel-build-model and let me know if it worked :-). Good luck and you probably already know this, but make backups of these files before you modify them.... oh and since you're modifying core symfony, your other projects will have issues unless you want them all to write encrypted data to the db</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload