How I used PHP to encrypt and decrypt data stored in a binary format

When making an e-commerce website, you should NOT store any credit card information in your database. There are all sorts of legal rules to follow (you can look up “PCI Compliance”), so the safest way is to use another company to store this information (at the time of writing, Stripe is pretty popular).

But what if you need to store other “sensitive” data, not necessarily pertaining to a credit card? You should encrypt the data.

You don’t want to store such data in “plain text.” At minimum, encrypt it before saving it; then, when you need it displayed on the webpage, you can decrypt it.

When I first encountered this in PHP years ago, I found the best way was to use an algorithm called “blowfish”. When I Google for a solution now, there seem to be some built-in PHP functions like openssl_encrypt() and openssl_decrypt().

Anyways, Blowfish apparently encrypts data in a binary format. The output, when printed on a page, looks like special characters of a Wingdings font. But beware that some databases (whether it’s your own, or a third-party application solution) may not be able to store binary data.

The solution: I used the PHP function base64_encode() to encrypt the data first and then base64_decode() after to view it.
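The flow described above, as an added example that is not the author's original code: it encrypts with AES-256-GCM through openssl_encrypt() rather than Blowfish, and uses base64_encode() only to make the binary ciphertext safe for a text column. The function names, the demo key and the sample value are assumptions.

```php
<?php
// Added example: function names, key handling and sample data are assumptions.
const CIPHER  = 'aes-256-gcm';
const TAG_LEN = 16; // default GCM tag length in openssl_encrypt()

function encrypt_for_storage(string $plaintext, string $key): string
{
    // A fresh random IV for every value; it is not secret and is stored with the data.
    $iv  = random_bytes(openssl_cipher_iv_length(CIPHER));
    $tag = '';
    $ciphertext = openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ciphertext === false) {
        throw new RuntimeException('Encryption failed');
    }
    // Raw bytes are binary; base64 turns them into text any column can hold.
    return base64_encode($iv . $tag . $ciphertext);
}

function decrypt_from_storage(string $stored, string $key): string
{
    $raw   = base64_decode($stored, true); // strict mode rejects non-base64 input
    $ivLen = openssl_cipher_iv_length(CIPHER);
    if ($raw === false || strlen($raw) < $ivLen + TAG_LEN) {
        throw new RuntimeException('Stored value is malformed');
    }
    $iv         = substr($raw, 0, $ivLen);
    $tag        = substr($raw, $ivLen, TAG_LEN);
    $ciphertext = substr($raw, $ivLen + TAG_LEN);

    // GCM verifies the tag, so a wrong key or a modified value returns false.
    $plaintext = openssl_decrypt($ciphertext, CIPHER, $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($plaintext === false) {
        throw new RuntimeException('Decryption failed: wrong key or modified data');
    }
    return $plaintext;
}

// Constructed demo key; in a real application load a 32-byte key from
// configuration or a secret store, never from the same database.
$key    = random_bytes(32);
$stored = encrypt_for_storage('Jane Doe, 1985-04-12', $key); // constructed sample value

echo $stored, PHP_EOL;                             // text-safe value for the database
echo decrypt_from_storage($stored, $key), PHP_EOL; // original value for display
```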
