WordPress.org

Ready to get started?Download WordPress

Forums

User data encryption (7 posts)

  1. StephanWizcorp
    Member
    Posted 1 year ago #

    Hi there!

    I'm using WordPress for a website project where there're some requirements about privacy respect. Thus, I would to encrypt my data user using a AES algorithm. As I'm developing a custom plugin, I have no problem to encrypt my user's sensitive data, because I provide the page that contains the registration for. But the problem is when it comes to display and modifiy these information in the core WordPress' backend. I couldn't find out where and how I could do that... I've looked for this information in the Internet for hours without being able to find it.
    I've found this page https://code.google.com/p/wordpress-aes/ where a guy has developed a repo on Google Code, doing (almost) the stuff I want to do, and he tells that he sent a mail to people at WordPress for merging his code into WordPess' core. As that guy did not do a plugin or whatever, it lets me think that it's not possible to modify the reads and writes done from and to the database, from the backend...
    Could some one help me about this issue?
    Thanks in advance.

  2. bcworkz
    Member
    Posted 1 year ago #

    It depends on what you're encrypting. Some functions have filter hooks you could use to encrypt and decrypt data in the DB. Others do not. Also, where you do this matters. WP sanitizes and otherwise alters data before it is stored. You must encrypt only after this is done.

    Some data WP does not use internally, so you can do whatever you want with it. Data that WP does use is not expected to be encrypted, so you must find a hook to decrypt the data before WP tries to use it. You will need to do an analysis on a field by field basis to determine if your project is viable or not.

  3. StephanWizcorp
    Member
    Posted 1 year ago #

    I want to encrypt user's sensitive data, so things like the name (first and last), and the mail address mainly. But, those data are used by WordPress for the core's login feature right?

    You must encrypt only after this is done.

    Yep, that's my point, I'm looking for a way to do it very properly, without having to hack the WordPress core code, otherwise each WordPress' update will erase my modifications...

    Data that WP does use is not expected to be encrypted, so you must find a hook to decrypt the data before WP tries to use it.

    Hmmmm, that is actually my problem, I need to encrypt those data for privacy respect purposes...

    EDIT: so, just to be clear, is there a hook that would allow me to encrypt and decrypt the users' data before / after Word Process starts reading / writing them? I've searched a lot on the Internet without being able to find any solution... =/

  4. bcworkz
    Member
    Posted 1 year ago #

    AFAIK, only the user login and email are used internally by WP. The true names may be used by the theme for display, but the mishandling of encryption will only munge the page, not break anything.

    It sounds like you're expecting there to be one or two magic points where you can encrypt and decrypt data. It may turn out to be the case, but I really doubt it. You'll likely need to locate separate encrypt and decrypt hooks for each field, if they exist at all.

    To find these, you'll need to dig into the core code, tracing form input through to the DB and back out again to a page. Hopefully along that path you'll find the hooks you are looking for. One possible shortcut to finding hooks would be to study the WP_User class definition. It's quite likely all user data gets channeled through this class.

    I know you're hoping for someone being able to tell you exactly what hooks to use. You never know, it's worth asking. I myself don't know what they are, I'd have to do what I just told you to do myself. If I had more time, I might have had a look for you, but unfortunately I don't have the time right now. Sorry. Happy hunting.

  5. StephanWizcorp
    Member
    Posted 1 year ago #

    OK, thank you bcworkz, it's unfortunately what I expected actually. Indeed, I'm looking for two magic hooks that will allow me to manipulate DIRECTLY the data coming out and in from and to the database. As I couldn't find any clue about it, I thought that I should hack WordPress' core code for that, but I would like to avoid it, fearing that an update of WordPress will erase my hack.

    I'll take a look to the WP_User class, hoping that I'll find something interesting, but I think I've already taken a look tover there... If I can find something somewhere, I'll post my solution here.

    Thank you once again for your help.

  6. jeanmorency
    Member
    Posted 11 months ago #

    Hi StephanWizcorp!

    Did you make any progress on your project.

    I have similar goals.

    Thank you for taking the time to write an update.

  7. LoneWolf95665
    Member
    Posted 6 months ago #

    I am also interested in having form data security sent /received

Topic Closed

This topic has been closed to new replies.

About this Topic