Currently I'm encrypting user sensitive data before storing it in the database:
// salt retrieved from config file
$salt = 'a1b915580757c17c38a986faab21493d';
$sql = "insert into `appointments` (`id`, `appointment_date`,
`appointment_email_address`) values (null, :date, AES_ENCRYPT(:email_address,
'" . $salt . "'))";
Obviously description of the retrieved data is done using the same salt.
I'd prefer to change the salt value periodically, but how would I be able to access data in the database that was encrypted using a previous salt value?
Many thanks for your support, Durian.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…