处理时加密表单，显示时解密 - Encrypt form while processing and decrypt while displaying

在我的网站上，我允许用户在那里形成流程，用户将输入

15 个文本输入
5 图片

正在将表单信息存储在SQL数据库中，并且为了防止SQL注入，我遵循了此处给出的所有方法现在我需要的是我需要加密表单信息并将其存储到SQL数据库，我需要将所有用户信息存储在加密中并存储在数据库中

我在我的网站中使用另一种方法，用户通知将在一页中检索，因此在此页面中我需要解密所有信息并显示

由于我是网络语言的新手，有人可以帮助我如何即时进行加密和解密

加密我的表单值

try {
#connection 
    $conn = new PDO('mysql:host=localhost;dbname=localtest', $db_username, $db_password);
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $data = $conn->prepare('INSERT INTO agriculture (cacat, mtype, mtitle, image1, image2, image3, image4, image5, description, mcondition, cmodel, price, youare, mname, email, phone, ylocation, ystreet) VALUES (:cacat, :mtype, :mtitle, :image1, :image2, :image3, :image4, :image5, :description, :mcondition, :cmodel, :price, :youare, :mname, :email, :phone, :ylocation, :ystreet)');
    $cacat = filter_input(INPUT_POST, 'cacat', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $mtype = filter_input(INPUT_POST, 'mtype', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $mtitle = filter_input(INPUT_POST, 'mtitle', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $description = filter_input(INPUT_POST, 'description', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $mcondition = filter_input(INPUT_POST, 'mcondition', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $cmodel = filter_input(INPUT_POST, 'cmodel', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $price = filter_input(INPUT_POST, 'price', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $youare = filter_input(INPUT_POST, 'youare', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $mname = filter_input(INPUT_POST, 'mname', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $phone = filter_input(INPUT_POST, 'phone', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $ylocation = filter_input(INPUT_POST, 'ylocation', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $ystreet = filter_input(INPUT_POST, 'ystreet', FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
    $data->execute(array(':cacat' => $cacat,
        ':mtype' => $mtype,
        ':mtitle' => $mtitle,
        'image1' => $file1,
        'image2' => $file2,
        'image3' => $file3,
        'image4' => $file4,
        'image5' => $file5, ':description' => $description, ':mcondition' => $mcondition, ':cmodel' => $cmodel, ':price' => $price, ':youare' => $youare, ':mname' => $mname, ':email' => $email, ':phone' => $phone, ':ylocation' => $ylocation, ':ystreet' => $ystreet));

您可以使用 mcrypt 进行操作，请查看以下您可能知道的代码，您所要做的就是在要插入/更新记录加密记录时以及在检索时需要解密记录

<?php
/*
 * PHP mcrypt - Basic encryption and decryption of a string
 */
$string = "Some text to be encrypted";
$secret_key = "This is my secret key";
// Create the initialization vector for added security.
$iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
// Encrypt $string
$encrypted_string = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $secret_key, $string, MCRYPT_MODE_CBC, $iv);
// Decrypt $string
$decrypted_string = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $secret_key, $encrypted_string, MCRYPT_MODE_CBC, $iv);
echo "Original string : " . $string . "<br />'n";
echo "Encrypted string : " . $encrypted_string . "<br />'n";
echo "Decrypted string : " . $decrypted_string . "<br />'n";
?>

您可以做的是创建一个用于加密和解密的类

class Security{
      private $secret_key;
      private $iv;
      public function __construct()
      {
           $this->secret_key = "your key";
           $this->iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND);
      } 
      public function encrypt($string)
      {
            $encrypted_string = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->secret_key, $string, MCRYPT_MODE_CBC, $this->iv);
            return $encrypted_string;
      }
      public function decrypt($encryptedString)
      {
                $decrypted_string = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->secret_key, $encrypted_string, MCRYPT_MODE_CBC, $this->iv);
      }

}

对于AES加密，您可以参考教程

http://aesencryption.net/

你可以

使用密码

您将需要以下代码来加密表单数据

require 'Cipher.php';
// First init the class by calling the constructor
$cipher = new Cipher('AvErrySeCretPasSw0rd!1!2!3!');
// Loop through POST, an array containing your input values
foreach ($_POST as $key => $value) {
    $_POST[$key] = $cipher->encrypt($value);
}

之后，您的 $_POST 将包含加密的表单值。

或者简单地加密一个值：

require 'Cipher.php';
$cipher = new Cipher('AvErrySeCretPasSw0rd!1!2!3!');
$inputValue = "This is your input value";
$output = $cipher->encrypt($inputValue);

解密输出：

require 'Cipher.php';
$cipher = new Cipher('AvErrySeCretPasSw0rd!1!2!3!');
$decrypted = $cipher->decrypt($output);