0

How to encrypt and decrypt data in php?

My code so far is:-

function encrypter($plaintext)
{
    $plaintext = strtolower($plaintext);
    $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256,FLENCKEY,$plaintext,MCRYPT_MODE_ECB);    
    return trim(base64_encode($crypttext));
}

function decrypter($crypttext)
{
    $crypttext = base64_decode($crypttext);    
    $plaintext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256,FLENCKEY,$crypttext,MCRYPT_MODE_ECB);    
    return trim($crypttext);
}

$test = "[email protected]";

echo encrypter(test);

Output is 

iLmUJHKPjPmA9vY0jfQ51qGpLPWC/5bTYWFDOj7Hr08=

echo decrypter(test);

Output is 

��-
Improve this question
3
  • 5
    wouldn't you be wanting to decrypt the encrypted data, as opposed to trying to decrpt $test which is already decrypted? Commented Sep 26, 2013 at 6:54
  • Do not encrypt anything if you are not good at it. I know barely enough about encryption to know that if you fail at it, no hacker will point it out to you. While it might be a good idea to use Rijndael 256, which is basically AES 256 you obviously do not know the importance of encryption mode as ECB is very bad. (However this is mitigated by the short length of your data) Commented Sep 26, 2013 at 6:55
  • Possible duplicate of How do you Encrypt and Decrypt a PHP String? Commented Mar 31, 2018 at 15:19

5 Answers 5

Reset to default
2

In your decrypter() function, you return the wrong data.

You should return $plaintext instead of $crypttext:

function decrypter($crypttext)
{
    $crypttext = base64_decode($crypttext);    
    $plaintext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256,FLENCKEY,$crypttext,MCRYPT_MODE_ECB);    
    //return trim($crypttext);
    return trim($plaintext);
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

The other code samples on this page (including the question) are not secure.

To be secure:

  1. Don't use mcrypt.
  2. Use authenticated encryption.
  3. Never use ECB mode (a.k.a. MCRYPT_MODE_ECB).

See this answer for secure encryption in PHP.

Improve this answer

Comments

1

This is what I use. Super simple.

function encrypt_decrypt($action, $string) {
   $output = false;
   $key = '$b@bl2I@?%%4K*mC6r273~8l3|6@>D';
   $iv = md5(md5($key));
   if( $action == 'encrypt' ) {
       $output = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, $iv);
       $output = base64_encode($output);
   }
   else if( $action == 'decrypt' ){
       $output = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($string), MCRYPT_MODE_CBC, $iv);
       $output = rtrim($output, "");
   }
   return $output;
}

You can change $key to whatever you want, or leave it. (this is not my key, btw)

encrypt_decrypt('encrypt', $str) to encrypt

encrypt_decrypt('decrypt', $str) to decrypt

Improve this answer

Comments

0

Inside the decrypter function, change the 

return trim($crypttext);

to

return trim($plaintext);

But looking at your function, I am not quite sure whether it will return exactly the same string, because of the strtolower function. You can't just do a strtoupper function as the original text may not be all in capital letters.

Improve this answer

Comments

0

Warning mcrypt_encrypt has been DEPRECATED as of PHP 7.1.0. Relying on this function is highly discouraged. Use openssl_encrypt instead.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.