I want to make a table. My users give me their email address, this is then stored in the database. Should they ever require their login details to be resent to them, they can enter this email address, it will be checked in the system to see if it exists, if it does, an email will be sent to them with their login details.
What database structure is best for this?
What is the best way to store the emails that is not visible to everyone who hacks into the database? bearing in mind I will only check another value against the database and never require the actual email address stored as output?
If you just need to check if the e-mail is in the system, you should probably store a hash of some sort (MD5 or SHA, both of which MySQL supports natively) instead of the actual e-mail address. A hash is a one-way encryption, which means you can’t retrieve the e-mail address from the converted hash text, but you can recreate the hash from the e-mail address.
There’s a good discussion of how to store SHA1 strings in MySQL here:
Storing SHA1 hash values in MySQL
If your table looks something like this:
You could check if the e-mail address exists with a query like this:
If it returns a result, then you know the userid that matches the e-mail address and you can send an e-mail to the e-mail address you collected from the user. (Remember, you won’t be able to retrieve the e-mail address from your database.)
There are more notes on MySQL’s encryption algorithms here:
http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html