Hi,
I have a client requirement that all fields in the DB be encrypted (excluding PKs). Has anyone done this before using Yii?
I’m thinking about using MySql’s AES_ENCRYPT function as the encryption mechanism. Since all fields need to be encrypted, I’m thinking of modifying the CActiveRecord’s beforeSave() and afterFind() methods to do the encryption/decryption. Does this seem like a viable solution and am I going to run into any troubles?
Cheers,
Matt
afterFind and beforeSave is what you need, but I’d advice you not to encode primary keys and foreign keys for performance reason.
Also you can create a masterClass for such records, in order to avoid to repeat the function in each records.
Not sure if i understand correctly: You want to encrypt every field (so like "name", "street" etc.)? You are aware that by doing so, you can not use any of them in a WHERE condition that makes sense anymore?
Yeah, I expected a few hiccups. I found this article that points out that all the query params (in WHERE clause) need to be encrypted when doing a SELECT - makes sense.
I will post back my findings. It’s going to be a long night!!
Matt