I since tried to put together a simple example to do some testing
public function actionCreate()
{
$secretKey = 'Testing';
$model = new ClientsAccounts();
if ($model->load(Yii::$app->request->post())) {
\Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
$model->dtCreation = date('Y-m-d H:i:s');
$model->Username= Yii::$app->getSecurity()->encryptByPassword($model->AccountUN, $secretKey);
$model->Password = Yii::$app->getSecurity()->encryptByPassword($model->AccountPW, $secretKey);
if ($model->validate()) {
$model->save();
return json_encode(['status' => 'Success', 'message' => 'New record created successfully.']);
}else{
$validationErrors = '';
if ($model->hasErrors()) {
if ($validationErrors != '') {
$validationErrors .= '<br>';
}
$validationErrors .= '<div class="col-md-offset-1">' . implode('<br>', $model->getErrorSummary(true)) . '</div>';
}
return json_encode([
'status' => 'Error',
'message' => 'Model not valid!',
'errors' => $validationErrors
]);
}
} else {
return $this->renderAjax('create', [
'model' => $model,
]);
}
}
public function actionUpdate($id)
{
$secretKey = 'Testing';
$model = $this->findModel($id);
if ($model->load(Yii::$app->request->post())) {
\Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
$model->dtModification = date('Y-m-d H:i:s');
$model->Username = Yii::$app->getSecurity()->encryptByPassword($model->AccountUN, $secretKey);
$model->Password = Yii::$app->getSecurity()->encryptByPassword($model->AccountPW, $secretKey);
if ($model->validate()) {
$model->save();
return json_encode([
'status' => 'Success',
'message' => 'Record updated successfully.'
]);
} else {
$validationErrors = '';
if ($model->hasErrors()) {
if ($validationErrors != '') {
$validationErrors .= '<br>';
}
$validationErrors .= '<div class="col-md-offset-1">' . implode('<br>', $model->getErrorSummary(true)) . '</div>';
}
return json_encode([
'status' => 'Error',
'message' => 'Model not valid!',
'errors' => $validationErrors
]);
}
} else {
$model->Username = Yii::$app->getSecurity()->decryptByPassword($model->AccountUN, $secretKey);
$model->Password = Yii::$app->getSecurity()->decryptByPassword($model->AccountPW, $secretKey);
return $this->renderAjax('update', [
'model' => $model,
]);
}
}
for some reason the decryptByPassword() doesn’t seem to be working. Those fields appear to return nothing? I have validated the Create action does push the encrypted data.
I finally got my example working by searching, but don’t quite understand why it is necessary (to encode and decode base64), below is the functional code should it helps others or if someone would care to explain it further to me (I’d be very grateful).
/**
* Creates a new ClientsAccounts model.
* If creation is successful, the browser will be redirected to the 'view' page.
* @return mixed
*/
public function actionCreate()
{
$secretKey = 'TestingEncrypt0003282!';
$model = new ClientsAccounts();
if ($model->load(Yii::$app->request->post())) {
\Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
$model->dtCreation = date('Y-m-d H:i:s');
$model->Username = base64_encode(Yii::$app->getSecurity()->encryptByPassword($model->AccountUN, $secretKey));
$model->Password = base64_encode(Yii::$app->getSecurity()->encryptByPassword($model->AccountPW, $secretKey));
if ($model->validate()) {
$model->save();
return json_encode(['status' => 'Success', 'message' => 'New record created successfully.']);
}else{
$validationErrors = '';
if ($model->hasErrors()) {
if ($validationErrors != '') {
$validationErrors .= '<br>';
}
$validationErrors .= '<div class="col-md-offset-1">' . implode('<br>', $model->getErrorSummary(true)) . '</div>';
}
return json_encode([
'status' => 'Error',
'message' => 'Model not valid!',
'errors' => $validationErrors
]);
}
} else {
return $this->renderAjax('create', [
'model' => $model,
]);
}
}
/**
* Updates an existing ClientsAccounts model.
* If update is successful, the browser will be redirected to the 'view' page.
* @param integer $id
* @return mixed
* @throws NotFoundHttpException if the model cannot be found
*/
public function actionUpdate($id)
{
$secretKey = 'TestingEncrypt0003282!';
$model = $this->findModel($id);
if ($model->load(Yii::$app->request->post())) {
\Yii::$app->response->format = \yii\web\Response::FORMAT_JSON;
$model->dtModification = date('Y-m-d H:i:s');
$model->Username = base64_encode(Yii::$app->getSecurity()->encryptByPassword($model->AccountUN, $secretKey));
$model->Password = base64_encode(Yii::$app->getSecurity()->encryptByPassword($model->AccountPW, $secretKey));
if ($model->validate()) {
$model->save();
return json_encode([
'status' => 'Success',
'message' => 'Record updated successfully.'
]);
} else {
$validationErrors = '';
if ($model->hasErrors()) {
if ($validationErrors != '') {
$validationErrors .= '<br>';
}
$validationErrors .= '<div class="col-md-offset-1">' . implode('<br>', $model->getErrorSummary(true)) . '</div>';
}
return json_encode([
'status' => 'Error',
'message' => 'Model not valid!',
'errors' => $validationErrors
]);
}
} else {
$model->Username = Yii::$app->getSecurity()->decryptByPassword(base64_decode($model->AccountUN), $secretKey);
$model->Password = Yii::$app->getSecurity()->decryptByPassword(base64_decode($model->AccountPW), $secretKey);
return $this->renderAjax('update', [
'model' => $model,
]);
}
}
equally effective is using utf8_encode() and utf8_decode(). Is it normal to require these functions? Is there a way to setup the database field so it isn’t required?