hellow,

I have created a function to readout values form a table.

function GETPROPDATA($prefix)
{

$Q_prop = mysql_query("SELECT * FROM ".$prefix."prop");


while($r = mysql_fetch_array($Q_prop))
{
$dataholder = $r['prop_variable'];
$return[$dataholder] = $r['prop_value'];
}

return $return;
}

however the value data is encrypted with a AES layer. is it possible to decrypt every value without having to define eatch and everyone of them ?

No you can't.

well actualy you can with help of a other coder i created the following function:

function GETPROPDATA($prefix,$key)
{

$Q_prop = mysql_query("SELECT * FROM ".$prefix."prop");

while($r = mysql_fetch_array($Q_prop))
{
$dataholder = $r['prop_variable'];

$Q_prop_select_item = mysql_query("SELECT AES_DECRYPT(prop_value,'$key') FROM
{$prefix}prop WHERE prop_variable = '$dataholder'");

$r2 = mysql_result($Q_prop_select_item,'prop_value');

$return[$dataholder] = $r2;
}


return $return;
}


Works like a charm

What happens if each field has a different Decryption key, and they are not known? Are you going to keep your AES (en/de)cryption keys in your source code?

Seems silly to store the AES (en/de)cryption key in the database, if it is the database records that you are trying to secure.

Guelph is right, there is not a manageable way to do this without multiple variables and multiple security concerns.

A better way is to store them as MD5, which can be pulled and unencrypted without a key value, using the right functions.

well actualy you can with help of a other coder i created the following function:
you are right, I should have elaborated, not directly in mysql you can't.

A better way is to store them as MD5, which can be pulled and unencrypted without a key value, using the right functions.

two things about this

1) you should use SHA1 and not MD5 as MD5 has been cracked and is now not considered secure

2) both SHA1 and MD5 are one way hashing algorithms, meaning they aren't able to be decrypted. you merely enter the value you are checking, hash that value and then compare it to the hashed value already in the table.

I dont have different keys one that is only accessible trough a script. And what guelphdad alredy said about the md5 that it is not decryptble by function (php). If it is it would ideed not be secure anymore.

Thx for the comment