Re: [PHP-DB] Storing Credit Card info - Encryption Functions

Thu, 17 Jan 2002 18:54:15 -0800 

Hi olinux,

This is what I ended up doing. This will work if you have a PHP that was
compiled with mcrypt as it is, just pass the info to your encrypt and
decrypt functions. The key I used is 123 but you can use something
different. The Initialization Vector is hard coded, but there is a function
that will generate a new one for you. Look at the mcrypt_encrypt and
mcrypt_decrypt functions at php.net for details. I lifted the hex2bin() from
the user comments If I remember correctly.

Have Fun...

-Paul

////////////////////////////////////////////////////////////////////////////
/////////////////
function encrypt($plainText)
{
 return(bin2hex(mcrypt_encrypt (MCRYPT_RIJNDAEL_256, "123", $plainText,
MCRYPT_MODE_ECB,
hex2bin("f6d53befbaac65a609e24d4b3a573ec56618b185280b615b6cde67793c7e4091"))
));
}
////////////////////////////////////////////////////////////////////////////
/////////////////
function decrypt($cipherText)
{
 return(mcrypt_decrypt (MCRYPT_RIJNDAEL_256, "123", hex2bin($cipherText),
MCRYPT_MODE_ECB,
hex2bin("f6d53befbaac65a609e24d4b3a573ec56618b185280b615b6cde67793c7e4091"))
);
}
////////////////////////////////////////////////////////////////////////////
/////////////////
function hex2bin($data) {
 $len = strlen($data);
 for($i=0;$i<$len;$i+=2) {
 $newdata .= pack("C",hexdec(substr($data,$i,2)));
 }
 return $newdata;
}
////////////////////////////////////////////////////////////////////////////
/////////////////

----- Original Message -----
From: "olinux" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, January 17, 2002 1:22 PM
Subject: [PHP-DB] Storing Credit Card info


> I have a client that would like to store credit card
> information online. I have worked with shopping cart
> type systems in the past, but never stored CC info.
>
> What is the best way to do this? I was thinking that I
> can write and read using include() to a directory that
> is not available to the web. Then just display these
> on SSL so that the client can retrieve the numbers.
> Any ideas?
>
> Thanks much,
> olinux
>
> __________________________________________________
> Do You Yahoo!?
> Send FREE video emails in Yahoo! Mail!
> http://promo.yahoo.com/videomail/
>
> --
> PHP Database Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>

-- 
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to