Home/ Questions/Q 339657
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-12T10:32:36+00:00

I work with symfony framework and Propel and i was wandering what is the

  • 0

I work with symfony framework and Propel and i was wandering what is the easiest way to encrypt a database. I’m not talking about passwords but all the database . I built a small web application for a client that manages some information (user accounts, passwords etc) and i don;t want it to be visible if someone has access to phpmyadmin for example.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Well this might be a bit naive, but how about simply encrypting on the server [php I assume] side before you write to the DB and then decrypting it back when you do reads ? It looks like your issue is you don’t want a server admin to easily read your data. If you use Symfony, you can probably do this deep enough in the model that your code won’t have to change.

    After some digging, here is how I would do it if I were feeling particularly brave.

    Edit buildParams() in xxx/symfony/vendor/propel/util/BasePeer.php, on like 860 you will find 

    $params[] = array('column' => $crit->getColumn(), 'table' => $crit->getTable(), 'value' => $crit->getValue());

    change to 

    $params[] = array('column' => $crit->getColumn(), 'table' => $crit->getTable(), 'value' => your_encryption_method($crit->getValue()));

    (unless I missed something) all symfony/propel writes to the database will eventually end up calling that function, so everything you write to the db gets encrypted with your_encryption_method().

    Try this out and if it works and you’re still feeling brave, modify the addHydrate() function in xxx/symfony/vendor/propel-generator/classes/propel/engine/builder/om/php5/PHP5BasicObjectBuilder.php (line 668) so that the hydrate() code propel generates for you when you call symfony propel-build-model or symfony-propel-build-all will automatically decrypt everything from the database.

    it should currently look like

                                        case PropelTypes::DATE:
                        case PropelTypes::TIME:
                        case PropelTypes::TIMESTAMP:
                            $script .= "
            \$this->$clo = \$rs->get$affix(\$startcol + $n, null);
";
                            break;
                        default:
                            $script .= "
            \$this->$clo = \$rs->get$affix(\$startcol + $n);
";

    you want to modify it to something along the lines of

    case PropelTypes::DATE:
                        case PropelTypes::TIME:
                        case PropelTypes::TIMESTAMP:
                            $script .= "
            \$this->$clo = \$rs->get$affix(\$startcol + $n, null);
";
                            break;

                        default:
                            $script .= "
            \$this->$clo = \my_decryption_function($rs->get$affix(\$startcol + $n));
";

    After you make this change, run symfony propel-build-model and let me know if it worked :-). Good luck and you probably already know this, but make backups of these files before you modify them…. oh and since you’re modifying core symfony, your other projects will have issues unless you want them all to write encrypted data to the db

    • 0