Most secure way of storing data


scottyrob
09-21-2006, 04:28 PM
Hi there. I would like to make an email system on my website. I would basically like a list of people's names and their emails, then I can select whom I want to send an email to... Right, here's the catch... It is for my local scout group and I will be storing the names and email addresses of 14-17 year olds in a database. Can you tell me how to make a secure script for doing this and how to store the information securely?

Scott

pcthug
09-21-2006, 07:44 PM
Because you need the access to the raw data to make any use of it, a standard md5 or sha1 hash is out of the question. You could use the following function (thanks to bokeh) which makes use of the Vigenère cipher (http://en.wikipedia.org/wiki/Vigen%C3%A8re_cipher) encryption concept.

function vigenere($target, $key, $decode = false)
{
    // Build the 26x26 Vigenère table: each row is the alphabet rotated one more letter to the left.
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $alphabet_array = preg_split('/\B/', $alphabet);
    $table = array();
    foreach($alphabet_array as $row)
    {
        $i = 0;
        foreach($alphabet_array as $column)
        {
            $table[$row][$column] = $alphabet[$i++];
        }
        $alphabet = substr($alphabet, 1).substr($alphabet, 0, 1);
    }
    // Only A-Z survives this step: case, digits and punctuation such as '@' and '.' are dropped.
    $target = preg_replace('/[^A-Z]+/', '', strtoupper($target));
    $key = preg_replace('/[^A-Z]+/', '', strtoupper($key));
    if(!$target or !$key) return false;
    $len = strlen($target);
    // Repeat the key until it is at least as long as the text.
    while(strlen($key) < $len) $key .= $key;
    $output = '';
    for($i = 0; $i < $len; $i++)
    {
        if($decode)
        {
            // Find the column whose entry in the key's row equals the ciphertext letter.
            $letter_array = array_keys($table[$key[$i]], $target[$i]);
            $output .= $letter_array[0];
        }
        else
        {
            $output .= $table[$key[$i]][$target[$i]];
        }
    }
    return $output;
}
Then encrypt both names, and emails, by passing them with your secret key to the function.
// example
$secret_key = 'Secret';
$name = 'FooBar';
$email = 'foo@bar.com';

$encrypted_name = vigenere($name, $secret_key);
$encrypted_email = vigenere($email, $secret_key);
Then insert the encrypted values into your database.
// example
@mysql_connect('localhost', 'username', 'password') or die(mysql_error());
@mysql_select_db('db_name') or die(mysql_error());

// store the encrypted values, not the plain $name and $email
$sql = "
    INSERT INTO `table_name` (name, email)
    VALUES ('$encrypted_name', '$encrypted_email')";
@mysql_query($sql) or die(mysql_error());
Then retrieve and decode this data when you would like to use it.
$secret_key = 'Secret';

@mysql_connect('localhost', 'username', 'password') or die(mysql_error());
@mysql_select_db('db_name') or die(mysql_error());

$sql = "
    SELECT name, email
    FROM `table_name`";
$result = @mysql_query($sql) or die(mysql_error());

// header row
echo "<table>\n <tr>\n <th>Name:</th>\n <th>E-mail:</th>\n </tr>\n";
while($row = mysql_fetch_assoc($result)) {
    // decode each stored value with the same key that was used to encrypt it
    $decoded_name = vigenere($row['name'], $secret_key, true);
    $decoded_email = vigenere($row['email'], $secret_key, true);
    echo " <tr>\n <td>$decoded_name</td>\n <td>$decoded_email</td>\n </tr>\n";
}
echo "</table>";

scottyrob
09-22-2006, 06:37 AM
Hi, I just managed to decrypt the data with this script.
http://www.math.tamu.edu/~dallen/hollywood/breaking/v.htm

Any other ideas? I'm not being fussy, but when you're handling the email addresses of young people, security has to be rather important... Apparently I also need to know what encryption method I'm using and how many bits the key length is... Any help would be greatly appreciated!
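
Added example, not part of any post in this thread: one way to have a definite answer to the "encryption method and key length" question above is authenticated encryption with AES-256-GCM (256-bit key) through PHP's OpenSSL extension. The helper names encrypt_field/decrypt_field and the nonce, tag, ciphertext storage layout are assumptions made for this illustration, and PHP 7.1 or later is assumed.

```php
<?php
// Added example: AES-256-GCM field encryption (PHP 7.1+ with ext-openssl assumed).
const CIPHER    = 'aes-256-gcm';
const NONCE_LEN = 12; // 96-bit nonce, the usual size for GCM
const TAG_LEN   = 16; // 128-bit authentication tag

// Hypothetical helper: returns base64(nonce || tag || ciphertext) for a text column.
function encrypt_field(string $plaintext, string $key): string {
    if (strlen($key) !== 32) {
        throw new InvalidArgumentException('key must be 32 random bytes (256 bits)');
    }
    $nonce = random_bytes(NONCE_LEN); // fresh random nonce for every stored value
    $tag = '';
    $ct = openssl_encrypt($plaintext, CIPHER, $key, OPENSSL_RAW_DATA, $nonce, $tag, '', TAG_LEN);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($nonce . $tag . $ct);
}

// Hypothetical helper: throws if the stored value was altered or the key is wrong.
function decrypt_field(string $stored, string $key): string {
    $raw = base64_decode($stored, true);
    if ($raw === false || strlen($raw) < NONCE_LEN + TAG_LEN) {
        throw new RuntimeException('malformed ciphertext');
    }
    $nonce = substr($raw, 0, NONCE_LEN);
    $tag   = substr($raw, NONCE_LEN, TAG_LEN);
    $ct    = (string) substr($raw, NONCE_LEN + TAG_LEN);
    $pt = openssl_decrypt($ct, CIPHER, $key, OPENSSL_RAW_DATA, $nonce, $tag);
    if ($pt === false) {
        throw new RuntimeException('authentication failed');
    }
    return $pt;
}

// Constructed demo values; a real key is generated once and kept outside the web root.
$key    = random_bytes(32);
$stored = encrypt_field('foo@bar.com', $key);
var_dump(decrypt_field($stored, $key) === 'foo@bar.com'); // '@' and '.' survive the round trip
var_dump(encrypt_field('foo@bar.com', $key) !== $stored); // equal inputs give different ciphertexts
// Flip one bit of the stored value: decryption must refuse it.
$raw = base64_decode($stored);
$raw[strlen($raw) - 1] = chr(ord($raw[strlen($raw) - 1]) ^ 1);
try {
    decrypt_field(base64_encode($raw), $key);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

Unlike the vigenere() function earlier in the thread, which keeps only the letters A-Z, this round trip returns the address byte for byte.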

Taschen
09-22-2006, 03:36 PM
> Hi, I just managed to decrypt the data with this script.
> http://www.math.tamu.edu/~dallen/hollywood/breaking/v.htm
>
> Any other ideas? I'm not being fussy, but when you're handling the email addresses of young people, security has to be rather important... Apparently I also need to know what encryption method I'm using and how many bits the key length is... Any help would be greatly appreciated!

When you're dealing with any personally identifiable data you should be fussy! Really you should be using a server with SSL for this. Both to access the data and to post the data (even if it is only names and numbers).

The following are some useful links discussing database encryption:
http://datasecurity.wordpress.com/2006/08/09/methods-of-encrypting-data/

Most PHP encryption scripts are fun but ultimately not really up to the job.

Hope that is of some help.

pcthug
09-22-2006, 11:39 PM
> Hi, I just managed to decrypt the data with this script.
> http://www.math.tamu.edu/~dallen/hollywood/breaking/v.htm
>
> Any other ideas? I'm not being fussy, but when you're handling the email addresses of young people, security has to be rather important... Apparently I also need to know what encryption method I'm using and how many bits the key length is... Any help would be greatly appreciated!

For someone to successfully decrypt your encrypted data they must have the encoder key. This can only be obtained if someone has access to your raw PHP (this can only be accessed via the server).

scottyrob
09-23-2006, 05:35 PM
So I can choose any key I would like... so I could use Webdevloper as the key if I wanted to?

aussie girl
09-23-2006, 09:26 PM
If you are the only one who is going to be using this data, why do you need it on your website? Why not just use your own email client?

scottyrob
09-24-2006, 05:46 AM
Because I won't be the only one using it!

aussie girl
09-24-2006, 08:28 AM
So are the kids going to use it to email each other? Is it only for the scout leaders? And have you got the parents' written consent to do this? Secure or not, I certainly wouldn't give you permission to put my child's details online. Just something to think about.

bokeh
09-24-2006, 03:50 PM
> Hi, I just managed to decrypt the data with this script.
> http://www.math.tamu.edu/~dallen/hollywood/breaking/v.htm

Of course you can decrypt it if you have the key.

Also if you are on a shared server that is a much bigger problem for security than any other issue.