使用以下类加密和解密我的数据
<?php
class ConnectionInfo
{
public $mServerName;
public $mConnectionInfo;
public $conn;
public function GetConnection()
{
# code...
$this->mServerName = "DESKTOP-ES2IEHB\SQLEXPRESS";
$this->mConnectionInfo = array("Database"=>"thefaithdb");
$this->conn = sqlsrv_connect($this->mServerName,$this->mConnectionInfo);
return $this->conn;
}
public function my_simple_crypt( $string, $action = 'e',$algo ) {
// you may change these values to your own
$secret_key = 'my_simple_secret_key';
$secret_iv = 'my_simple_secret_iv';
$output = false;
$encrypt_method = "AES-256-CBC";
$key = hash( $algo, $secret_key );
$iv = substr( hash( $algo, $secret_iv ), 0, 16 );
if( $action == 'e' ) {
$output = base64_encode( openssl_encrypt( $string, $encrypt_method, $key, 0, $iv ) );
}
else if( $action == 'd' ){
$output = openssl_decrypt( base64_decode( $string ), $encrypt_method, $key, 0, $iv );
}
return $output;
}
}
?>
当我使用该类来解密数据并加密而不存储在数据库中时,当字符串具有所有长度时,它可以正常工作
<?php
require_once(dirname(__FILE__).'/Secure.php');
$mainpass = "ALSONG DUSTAN PHILANDER";
//MD5 encryption
$options = [
'cost' => 12,
];
$mSecure = new SecurityClass();
$encrypted = $mSecure->my_simple_crypt( $mainpass, 'e','sha512' );
$decrypted = $mSecure->my_simple_crypt($encrypted, 'd','sha512' );
echo "encrypted $encrypted<br/>";
echo "decrypted $decrypted<br/>";
?>
这是输出 It is in the link
现在我用这段代码存储mssql数据库
<?php
require_once(dirname(__FILE__).'/ConnectionInfo.php' );
//Get up our connection
$mConnectionInfo = new ConnectionInfo ();
$mConnectionInfo->GetConnection();
if ($mConnectionInfo->conn) {
# code...
echo "Connected<br/>";
}
$encrypted = $mConnectionInfo->my_simple_crypt('ALSONG DUSTAN PHILANDER' , 'e','sha384' );
$myparams['Item_Name'] = $encrypted;
$encrypted2 = $mConnectionInfo->my_simple_crypt('56' , 'e','sha384' );
$myparams['Item_Age'] = $encrypted2;
$parameters = array(array(&$myparams['Item_Name'],SQLSRV_PARAM_IN),
array(&$myparams['Item_Age'],SQLSRV_PARAM_IN));
$sql = "EXEC spGetUser @Item_Name = ? , @Item_Age = ? ";
$stmt = sqlsrv_prepare($mConnectionInfo->conn,$sql,$parameters);
$work = sqlsrv_execute($stmt);
if ($work) {
# code...
echo "Successful $encrypted<br/>";
}
else {
# code...
echo "Connection Failed.<br/>";
die(print_r(sqlsrv_errors(),true));
}
?>
哪个是成功的,然后当我想使用存储过程从数据库中检索它时
CREATE PROCEDURE [dbo].[spGetAge]
@Item_Name nvarchar(max)
AS
SELECT Name AS IDName,Age FROM [User] WHERE Name = @Item_Name
RETURN 0
然后这是检索它的PHP代码
<?php
require_once(dirname(__FILE__).'/ConnectionInfo.php' );
//Get up our connection
$mConnectionInfo = new ConnectionInfo ();
$mConnectionInfo->GetConnection();
if ($mConnectionInfo->conn) {
# code...
echo "Connected<br/>";
}
$encrypted1 = $mConnectionInfo->my_simple_crypt('ALSONG DUSTAN PHILANDER' , 'e','sha384' );
$myparams2['Item_Name'] = $encrypted1;
$params = array(array(&$myparams2['Item_Name'],SQLSRV_PARAM_IN));
$sql2 = "EXEC spGetAge @Item_Name = ?";
$stmt2 = sqlsrv_prepare($mConnectionInfo->conn,$sql2,$params);
$work = sqlsrv_execute($stmt2);
if(!$stmt2)
{
echo "Query failed <br/>";
die( print_r( sqlsrv_errors(), true) );
}
else{
$row = sqlsrv_fetch_array($stmt2,SQLSRV_FETCH_ASSOC);
$name = $row['IDName'];
if ($name==null) {
# code...
echo "Empty";
}
$decrypted = $mConnectionInfo->my_simple_crypt($row['IDName'], 'd','sha384' );
$decrypted2 = $mConnectionInfo->my_simple_crypt($row['Age'], 'd','sha384' );
echo "The age is $decrypted2 of $decrypted <br/>";
echo $row['IDName'] ;
echo "<br/> The name is $encrypted1";
}
?>
只有当我的加密输入字符串长度超过14个字符时才会出现此问题。在将数据存储到数据库中然后对其进行解密后,如何才能使其工作成功。谢谢你的帮助
答案 0 :(得分:0)
我觉得像php加密是错误的方式去... 如果您将数据存储在SQL服务器中,那么您拥有所需的所有工具。 给this一篇文章。 一旦知道要使用多少层加密,就可以在服务器上创建证书和密钥。 如果你想获得sql server上的信息 - 编写一个在mssql服务器上使用你的组件的存储过程,如果你想让它显示出来,请准备好一个存储过程来解密它们(你应该拥有它,因为数据是如果没有在mssql服务器上解密,那将无法读取)。
