ExpressionEngine® User Guide

Legacy Documentation

You are using the documentation for version 4.3.8. Go here for the latest version.

Encrypt Service

The encrypt service provides two-way data encryption as well as signing and verification of signatures. The most common use is to encrypt parameters sent with form data.

Simple Examples

Encrypting some data:

$meta = array(
  'site_id' => 1,
  'entry_id' => 12,
  'author_id' => 23
  );
$var['meta'] = ee('Encrypt')->encrypt(serialize($meta));

Decrypting the same data:

$meta = ee('Encrypt')->decrypt($_POST['meta']);
$meta = unserialize($meta);

Note

Use encode() and decode() if you’d like the data automatically base64 encoded.

To sign data:

$signed = ee('Encrypt')->sign($data);

To verify the data hasn’t changed:

$safe = ee('Encrypt')->verifySignature($data, $signed);

Encrypt Methods

class EllisLab\ExpressionEngine\Service\Encrypt\Encrypt
EllisLab\ExpressionEngine\Service\Encrypt\Encrypt::encrypt($string, $key = '')

Takes a plain-text string and key and encrypts it

Parameters:
  • $string (string) – The plaintext string
  • $key (string) – The encryption key, if not defined we’ll use a default key
Returns:

The encrypted string on success or FALSE on failure

Return type:

string

EllisLab\ExpressionEngine\Service\Encrypt\Encrypt::decrypt($data, $key = '')

Takes an encrypted string and key and decrypts it.

Parameters:
  • $string (string) – The encrypted string
  • $key (string) – The encryption key, if not defined we’ll use a default key
Returns:

The decrypted string on success or FALSE on failure

Return type:

string

EllisLab\ExpressionEngine\Service\Encrypt\Encrypt::encode($string, $key = '')

Encodes the string with the set encryption driver and then base64 encodes that.

Parameters:
  • $string (string) – The plaintext string
  • $key (string) – The encryption key, if not defined we’ll use a default key
Returns:

A base64 encoded encrypted string

Return type:

string

EllisLab\ExpressionEngine\Service\Encrypt\Encrypt::decode($data, $key = '')

Decodes an encoded string by first base64 decodeing it, then passing the string off to the driver for its decoding process.

Parameters:
  • $string (string) – A base64 encoded encrypted string
  • $key (string) – The encryption key, if not defined we’ll use a default key
Returns:

The plaintext string

Return type:

string

EllisLab\ExpressionEngine\Service\Encrypt\Encrypt::sign($data, $key = NULL, $algo = 'md5')

Creates a signed hash value using hash_hmac()

Parameters:
  • $data (string) – Content to hash
  • $key (string) – The secret key, if not defined we’ll use a default key
  • $algo (string) – Hashing algorithm, defaults to md5
Returns:

String consisting of the calculated message digest as lowercase hexits or NULL if there is no data

Return type:

string

EllisLab\ExpressionEngine\Service\Encrypt\Encrypt::verifySignature($data, $signed_data, $key = NULL, $algo = 'md5')

Verify the signed data hash

Parameters:
  • $data (string) – Current content
  • $signed_data (string) – Hashed content to compare to
  • $key (string) – The secret key, if not defined we’ll use a default key
  • $algo (string) – Hashing algorithm, defaults to md5
Returns:

TRUE if the signed data is verified, FALSE if not, NULL if there is no data

Return type:

bool