Home/ Questions/Q 8290661
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T12:52:23+00:00

How do I store some encrypted strings (just about one to a couple of

  • 0

How do I store some encrypted strings (just about one to a couple of words)?

Let’s suppose I encrypted this string:

$key='fappings'; // Encryption Key
$str='Mama Luigi'; // String that I Encrypted
$encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $str, MCRYPT_MODE_CBC, md5(md5($key)));

Now, assuming I don’t want to index that data, or perform any searches on it, just wanna ask two questions:

  1. What datatype would I better use? I would guess varbinary, but I’m not sure…

  2. How would I make process my query? Assuming I would use a simple mysql_query() function.

I saw some people would actually make base64 encode, and then simply insert it, just the way a normal string would go, eg:

mysql_query("insert into faps data='".base64_encode($encrypted)."'");

But something tells me it’s not the way to do it. Even space-wise insufficient.

What would be a better approach?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Use a varbinary (as you suggest) or a blob, depending on length required. For safety, multiply the length of the string by 4.

    No need to base64 encode it – that just adds yet more length. All you need are the regular escaping functions (mysql_real_escape_string at a basic level, or bind using PDO and it’ll make it safe for you).

    An alternative may be to use MySql’s own encryption functions. http://dev.mysql.com/doc//refman/5.5/en/encryption-functions.html as this may save you some programming hassles? Moves the stress from PHP server to MySQL server – so consider which is less stressed, and whether travelling of the uncompressed SQL instructions over an open network matters etc.

    • 0