Let's assume you have sensitive files that are being uploaded with PHP and you are using a 'secure' encryption method that cannot be decrypted without the key. But here is the issue I have:

My sensitive files are on the server (Windows). My key to decrypt them is also on the server. So in theory, any hacker who can get access to my filesystem would be able to get to any encrypted or decrypted files, since he would be able to access the decryption key.

The only advantage to encryption in this case is if only the files or only the encryption key is taken. Otherwise a determined hacker could access any file with a little bit of work.

Am I missing something? Any way to get around this? It seems this is a hopeless situation and encryption does nothing to protect against this. The only way I can think of to minimize the risk is to store the decryption key on a second server and hope the hacker doesn't get the contents of the second server.
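The "key on a second server" idea from the post above, carried one step further, as an added example (this is illustrative code written for this page, not the poster's code): the upload server only ever holds a public key, so it can encrypt each upload but can never decrypt one; the matching secret key stays on the second machine. It assumes PHP 7.2+ with the bundled sodium extension; the function names, the sample "upload" string and the split into "webserver_" and "keyholder_" roles are this example's own.

```php
<?php
// Added example, not from the original post. Envelope encryption where the
// upload server can only encrypt; the decryption key lives on another machine.
// Assumes PHP >= 7.2 with the bundled sodium extension. Names are illustrative.
declare(strict_types=1);

// --- Key-holder side (second server or offline admin box). Run once.
// The 'secret' half never gets copied to the web server.
function keyholder_generate_keypair(): array {
    $kp = sodium_crypto_box_keypair();
    return [
        'public' => sodium_crypto_box_publickey($kp), // deployed to the web server
        'secret' => sodium_crypto_box_secretkey($kp), // stays on the key holder
    ];
}

// --- Web-server side: has only the public key.
// Encrypts the upload with a fresh per-file data key (DEK), then seals the DEK
// to the key holder's public key. Nothing stored here can undo the seal.
function webserver_encrypt_upload(string $plaintext, string $holderPublicKey): array {
    $dek   = sodium_crypto_secretbox_keygen();
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $ct    = sodium_crypto_secretbox($plaintext, $nonce, $dek);
    $wrappedDek = sodium_crypto_box_seal($dek, $holderPublicKey);
    sodium_memzero($dek);
    return ['nonce' => $nonce, 'ciphertext' => $ct, 'wrapped_dek' => $wrappedDek];
}

// --- Key-holder side: the only place a stored upload can be opened.
function keyholder_decrypt_upload(array $stored, string $publicKey, string $secretKey): string {
    $kp  = sodium_crypto_box_keypair_from_secretkey_and_publickey($secretKey, $publicKey);
    $dek = sodium_crypto_box_seal_open($stored['wrapped_dek'], $kp);
    if ($dek === false) {
        throw new RuntimeException('wrapped DEK did not open: wrong key or tampered blob');
    }
    $pt = sodium_crypto_secretbox_open($stored['ciphertext'], $stored['nonce'], $dek);
    sodium_memzero($dek);
    if ($pt === false) {
        throw new RuntimeException('ciphertext failed authentication');
    }
    return $pt;
}

// --- Demo with a constructed sample upload.
$keys   = keyholder_generate_keypair();
$stored = webserver_encrypt_upload('constructed sample: account export', $keys['public']);

// Everything an attacker gets by dumping the web server's disk: the public key,
// the nonce, the ciphertext and the sealed DEK. Without the secret key the seal
// will not open, so the best they can do is try with a key pair of their own.
$attackerKp = sodium_crypto_box_keypair();
var_dump(sodium_crypto_box_seal_open($stored['wrapped_dek'], $attackerKp)); // bool(false)

// The key holder, with the secret key that never touched the web server, recovers the file.
echo keyholder_decrypt_upload($stored, $keys['public'], $keys['secret']), PHP_EOL;
```

The caveat a practitioner should keep in mind: this only helps when the web server never needs to decrypt, i.e. when the files are consumed on the key holder's side (a back-office host, an admin workstation, a batch job). If the PHP application has to decrypt on a user's request, then an attacker with code execution on that server can make the same request, and a remote key server buys you logging, rate limiting and quick key revocation rather than secrecy. Uploads also sit unencrypted in the temporary upload directory until the script encrypts them, so that window is still exposed.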