Skip to content

Instantly share code, notes, and snippets.

@dalethedeveloper

dalethedeveloper/gist:968926

Created May 12, 2011 16:52
Show Gist options
  • Save dalethedeveloper/968926 to your computer and use it in GitHub Desktop.
Save dalethedeveloper/968926 to your computer and use it in GitHub Desktop.
Download ZIP
Encrypt a WordPress Option using MySQL ENCRYPT()
Raw
gistfile1.php
/*
An example of using MySQL's ENCRYPT() and DECRYPT() functions to store
sensitive data in a Wordpress Option. In this case, a password.
This only provides a bare amount of security as your Key is likely stored somewhere
else in your code or database. Basically, its not plaintext.
http://dev.mysql.com/doc/refman/5.5/en/encryption-functions.html
*/
$pass = 'sup0rp3z';
$key = 'G95XkQKZ4vZO5jzHDhA8XEoPcqL4irTsSryF5Y8PxkvlHWbayZvsgaNrMciJjtN'; // Change this, make it long and random
// Save the password as a WP Option
global $wpdb;
$enc_pass = $wpdb->get_var( $wpdb->prepare( "SELECT AES_ENCRYPT(%s,%s)", $pass, $key ) );
update_option('my_safe_password',$enc_pass);
// Fetch the Password
$the_pass = get_option('my_safe_password');
$dec_pass = $wpdb->get_var( $wpdb->prepare( "SELECT AES_DECRYPT(%s,%s)", $the_pass, $key ) );
var_dump($enc_pass);
var_dump($dec_pass);
/*
string '��q��_l٦�W��$r' (length=16)
string 'sup0rp3z' (length=8)
*/
@Kos-M
Copy link

Kos-M commented Oct 20, 2022

Thanx for this , was a good starting point. After 12 years needs an update.
So you cant store bin as option , as i tested. need a string for that , so we had to convert bin to hex.

// encrypt
$enc_pass = $wpdb->get_var( $wpdb->prepare( "SELECT HEX( AES_ENCRYPT( %s, %s ) ) AS encString", $pass  , $key) );

// decrypt
$dec_pass = $wpdb->get_var( $wpdb->prepare( "SELECT AES_DECRYPT(UNHEX(%s),%s)", $the_pass,  $key ) );

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment