David Golding



Phase In, Phase Out

By David Golding

So 2009 has been a whirlwind for all of us. The global economy has gone to pot and many of us are struggling mightily to make ends meet. As for me, I have the benefit of lying low, kinda. I’ve been hard at work pursuing a graduate degree, and since this is a necessary step in my professional aspirations, now is perhaps the best time to be chugging away at schoolwork rather than taking the job market head-on. What this has meant, though, is more or less a hiatus from the full-steam-ahead web development work of 2008. And this blog has been quiet as well.

But students are not immune from ailing economies. Funding has dried up all over the place. My particular university noticed a drop of around a third in their endowment fund. So just as I was phasing out of web work to embark on more academic pursuits, I have found myself falling back and relying heavily on web development to get me through. I have more to blog about, more CakePHP to discuss, and hopefully more screencasts to film.

As a blog-warming gift to those readers who have stuck around, here’s a handy PHP script I wrote for managing 2-way encryption for credit card numbers. Like anything in data security, it’s not completely bulletproof, but I think I’ve managed a moderately to highly secure algorithm here that allows one to hold onto credit card numbers in an encrypted form, and still decipher those numbers for later processing. Of course, there’s no replacement for overall site security, so be sure to install this file outside the server root, and take care of those database calls so that you forestall any intrusion hacks.

A test credit card number from American Express:

371449635398431

encrypts as:

snRLL^AN+HtsBi3$J)sHpLsRG

Of course, by altering some settings, that same number can come out even longer:

a<:8aaaUTE)TR(/%dL7[?kLe0_Gry@ZR{bTaB!~E3arALaRL

Installation is pretty easy. Just include the script, instantiate the DGCrypt class, and run either encode() or decode(). Be sure to edit the class properties with your own values, or your salt values will be compromised.

Encrypting a number

include_once(PATH_TO_FILE.DIRECTORY_SEPARATOR.'dgcrypt.php');
$cc = new DGCrypt();

$encryptedNumber = $cc->encode($_POST['credit_card']);
//save $encryptedNumber

Decrypting a saved string

echo $cc->decode($encryptedString);
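
For comparison, here is the same encode()/decode() workflow built on PHP's bundled libsodium authenticated encryption, with the key read from the environment rather than from class properties. This is an added example, not DGCrypt's code and not part of the original post; the class name CardVault, the CARD_KEY_HEX variable and the record-id binding are assumptions made for illustration.

```php
<?php
// Added illustration: not DGCrypt. CardVault, CARD_KEY_HEX and the record-id
// binding are hypothetical names chosen for this example.
final class CardVault
{
    private string $key;

    public function __construct(string $hexKey)
    {
        $key = sodium_hex2bin($hexKey);
        if (strlen($key) !== SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_KEYBYTES) {
            throw new InvalidArgumentException('key must be 32 bytes (64 hex chars)');
        }
        $this->key = $key;
    }

    // Encrypts the card number under a fresh random nonce. $recordId is
    // authenticated but not encrypted, so a ciphertext copied onto another
    // row fails to decrypt.
    public function encode(string $pan, string $recordId): string
    {
        $nonce = random_bytes(SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES);
        $ct = sodium_crypto_aead_xchacha20poly1305_ietf_encrypt($pan, $recordId, $nonce, $this->key);
        return base64_encode($nonce . $ct);
    }

    // Returns the plaintext, or throws if the stored value was truncated,
    // modified, or bound to a different record id.
    public function decode(string $stored, string $recordId): string
    {
        $raw = base64_decode($stored, true);
        $n = SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES;
        if ($raw === false || strlen($raw) < $n + SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_ABYTES) {
            throw new RuntimeException('malformed ciphertext');
        }
        $pt = sodium_crypto_aead_xchacha20poly1305_ietf_decrypt(
            substr($raw, $n), $recordId, substr($raw, 0, $n), $this->key
        );
        if ($pt === false) {
            throw new RuntimeException('authentication failed');
        }
        return $pt;
    }
}

// Constructed demo: falls back to a throwaway key when CARD_KEY_HEX is unset,
// and uses the American Express test number from the post.
$vault = new CardVault(getenv('CARD_KEY_HEX') ?: bin2hex(random_bytes(32)));
$stored = $vault->encode('371449635398431', 'customer-42');
echo $vault->decode($stored, 'customer-42'), PHP_EOL;
```

Because the nonce is random, encoding the same number twice yields different stored strings, and decoding with a different record id throws instead of returning data.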

Download

So here it is. One file, nice and easy. Enjoy, and best of luck to everyone in your pursuits.

Download DGCrypt


A blog about CakePHP, web design, and grad studies in religion. © 2008, D. Golding