I have spent countless hours trying to figure this out, but I can’t get it to work!
How do I make the filters of a CGridView work with a field that is encrypted in the database? Basically what I need to do is to manipulate the value the user enters in the textfield for searching before it is compared with the value in the database.
I thought all I had to do was something like:
public function search()
where manipulate() is a function that manipulates the value the user enters to search for (in this case encrypts it,) BUT if I do that then, the cgridview does not diaplay any results at all (even when the user is not searching for a field).
After reading the documentation, it seems like the fields are populated by the findAll() function which I could override.
public function findAll($condition='',$params=array())
// change the $params here to manipulate the search fields (encrypt them). but HOW!?
if ($this->email != '')
Solved the issue!
And you are totally right (I don’t know how I did not think of that before), what I am trying to do will not work unless I do a strict comparison because if the user email is: firstname.lastname@example.org, and I make a search for “myemail” the encryption of “myemail” will not be a substring of the encryption of email@example.com.
Now I have a big problem there!
Do you think its impossible to handle encrypted data for partial searching?
A little bit out of topic but related to this, I will also have a problem with the sorting of the encrypted fields!
It is a two way encryption. The password field is the only one using a hashing algorithm (but that one I do not need to search nor order by). The reason for encoding the email field is to protect the user privacy (if a hacker breaks into the database then he wont have the emails of the users).
So basically yes, it can be decrypted but I don’t know how could I make it work. Probably the encryption/decryption needs to be handles by the database instead of php so that I could search or order the encrypted fields. If not, I would have to decrypt all values of the table first, then search those values… I think it would be a very processor/memory intensive task :s