How Encrypt PHP Desktop Back End (DB)
891 views
Skip to first unread message
ARUNKUMAR VK
Oct 20, 2014, 5:31:35 AM10/20/14
to phpde...@googlegroups.com
I use "sqlite" (PDO) database for my phpdesktop application. But i can't protect my db from end user (example when i open my sqlite db in notpad it will open and user can see which db is used) So is there any idea to protect sqlite database? php_sqlite3.dll and php_pdo_sqlite.dll support encryption support? useful link http://stackoverflow.com/questions/5669905/sqlite-with-encryption-password-protection
Czarek Tomczak
Oct 20, 2014, 6:36:56 AM10/20/14
to phpde...@googlegroups.com
The sqlite3 extension has an "encryption_key" parameter passed to ::__construct() and ::open() methods. See: http://php.net/manual/en/sqlite3.construct.php . Unfortunately by default PHP sqlite does not come with built-in support for encryption, as you can read in comment by bohwaz. SQLCipher is an open source extension to sqlite that provides transparent AES encryption. You can compile from sources and have it for free, or pay for the prebuilt binaries. Official documentation provides only instructions for Linux: https://www.zetetic.net/sqlcipher/sqlcipher-for-php . To compile on Windows using Mingw/msys compiler see: a) http://stackoverflow.com/questions/2515774/sqlcipher-mingw-msys-problem b) https://groups.google.com/forum/#!topic/sqlcipher/VcYpa1a_RTM . To compile using Visual Studio see: http://www.jerryrw.com/howtocompile.php .
On Mon, Oct 20, 2014 at 11:31 AM, ARUNKUMAR VK <arunoff...@gmail.com> wrote:
I use "sqlite" (PDO) database for my phpdesktop application. But i can't protect my db from end user (example when i open my sqlite db in notpad it will open and user can see which db is used) So is there any idea to protect sqlite database? php_sqlite3.dll and php_pdo_sqlite.dll support encryption support? useful link http://stackoverflow.com/questions/5669905/sqlite-with-encryption-password-protection
--
You received this message because you are subscribed to the Google Groups "PHP Desktop" group.
To unsubscribe from this group and stop receiving emails from it, send an email to phpdesktop+...@googlegroups.com.
Visit this group at http://groups.google.com/group/phpdesktop.
For more options, visit https://groups.google.com/d/optout.
anyand...@gmail.com
Jan 28, 2015, 3:49:45 PM1/28/15
to phpde...@googlegroups.com
so what did you end up doing? out of curiosity. And to Czarek... if I use SQLCipher to encrypt the sqlite file, will the php sqlite3 functions be able to open it as long as i pass the encryption key? Also, given that the source code is visible to the user, where would i safely store the encryption key? Would I need to also use a program that "scrambles" the php code? thanks so much.
Czarek Tomczak
Jan 28, 2015, 5:07:00 PM1/28/15
to phpde...@googlegroups.com, anyand...@gmail.com
@anyandallart The first question, I don't know, never played with it. Regarding source code protection see https://code.google.com/p/phpdesktop/wiki/KnowledgeBase#How_do_I_protect_PHP_sources_in_"www"_directory?
Sreenadh OG
Jan 29, 2015, 4:48:18 AM1/29/15
to phpde...@googlegroups.com, anyand...@gmail.com
@ anyand
I ended up using the un-encrypted sqlite3 db itself, even though I store it at a different location with an unusual name. It would be great it Czarek could provide us with the compiled version of SQLCipher encrypted Sqlite3 db (i.e. Sqlite3 db version that supports SQLCipher encryption) at least along with his proposed commercial version. (I am not that good in 'compiling from source' etc) Regarding php source code obfuscation, encoding and encryption a lot of discussion has already happened in this forum and Czarek has already provided clear guidance in the knowledge base.
Thanks and regards,
Sreenadh
I ended up using the un-encrypted sqlite3 db itself, even though I store it at a different location with an unusual name. It would be great it Czarek could provide us with the compiled version of SQLCipher encrypted Sqlite3 db (i.e. Sqlite3 db version that supports SQLCipher encryption) at least along with his proposed commercial version. (I am not that good in 'compiling from source' etc) Regarding php source code obfuscation, encoding and encryption a lot of discussion has already happened in this forum and Czarek has already provided clear guidance in the knowledge base.
Thanks and regards,
Sreenadh
amb...@simplifinetworks.com
Nov 3, 2017, 9:43:43 AM11/3/17
to PHP Desktop
Hey so if i happen to get the sqlite3.dll for the compiled sqlcipher file how do i intergrtate it into my php app ..how do i add it as an extension thanks..
Czarek Tomczak
Nov 3, 2017, 10:57:47 AM11/3/17
to PHP Desktop
Edit phpdesktop/php/php.ini file.
amb...@simplifinetworks.com
Nov 7, 2017, 8:27:44 AM11/7/17
to PHP Desktop
i have compiled sqlcipher and got sqlite3.dll, sqlite3.lib and a bunch of other files along with the .exe which i ran and it worked perfect.
my problem is loading the .dll file in php/ext and i load it and edit the php.ini i get the following error NB: i renamed the sqlite3.dll to php_sqlite3.dll and replaced the one that shipped with php desktop. Help!!!
my problem is loading the .dll file in php/ext and i load it and edit the php.ini i get the following error NB: i renamed the sqlite3.dll to php_sqlite3.dll and replaced the one that shipped with php desktop. Help!!!
**********************************************
PHP Warning: PHP Startup: Invalid library (maybe not a PHP library) 'php_sqlite3.dll' in Unknown on line 0
[Welcome to phpdbg, the interactive PHP debugger, v0.5.0]
To get help using phpdbg type "help" and press enter
[Please report bugs to <http://bugs.php.net/report.php>]
prompt>
Czarek Tomczak
Nov 7, 2017, 9:21:25 AM11/7/17
to PHP Desktop
Please read forum rules, you should create a separate topic for your issue. Your extension is probably meant for a different php version.
ambrose ahurra
Nov 7, 2017, 11:09:21 AM11/7/17
to PHP Desktop
My bad there..
Noted.
Noted.
Reply all
Reply to author
Forward
0 new messages