Simone lamorbidamacchina

## dao.php
<?php

class DAO {

  protected $db;

  public function setDb($db)
  {
      $this->db = $db;
  }

## index.php
<?php
// TODO: free text search, pagination
require_once("./includes/config.php");
include_once("./includes/dao.php");
$dao = new DAO();
$dao->setDb($db);

$genre_post = urldecode(filter_var($_GET['genre'],FILTER_SANITIZE_STRING,FILTER_FLAG_NO_ENCODE_QUOTES));
$album_year = filter_var($_GET['album_year'],FILTER_SANITIZE_STRING,FILTER_FLAG_NO_ENCODE_QUOTES);
$score_post = filter_var($_GET['score'],FILTER_SANITIZE_STRING,FILTER_FLAG_NO_ENCODE_QUOTES);

## gist:936c3bf5c2329b03f94dafb7d76fe8a7
### Keybase proof

I hereby claim:

  * I am lamorbidamacchina on github.
  * I am simonericci (https://keybase.io/simonericci) on keybase.
  * I have a public key whose fingerprint is 5B86 F14A C244 D2ED 6A21  A3A0 CAFA 96D0 52A4 A31F

To claim this, I am signing this object:

## gist:226e5664f82e0ca3997d40f5463a0070
### Keybase proof

I hereby claim:

  * I am lamorbidamacchina on github.
  * I am simonericci (https://keybase.io/simonericci) on keybase.
  * I have a public key whose fingerprint is 88CC 900D 1881 8C6D 9CD1  1C05 22A3 1DFD 9BE0 A600

To claim this, I am signing this object:

## subscribers.sql
CREATE TABLE subscribers (
  id int(11) NOT NULL, first_name varchar(255) DEFAULT NULL, last_name varchar(255) DEFAULT NULL, email varchar(255) DEFAULT NULL, phone varchar(255) DEFAULT NULL, privacy char(1) DEFAULT NULL, source varchar(255) DEFAULT NULL, ip varchar(255) DEFAULT NULL, email_hash varchar(255) DEFAULT NULL, phone_hash varchar(255) DEFAULT NULL, creation_date datetime DEFAULT NULL)
  ENGINE=InnoDB DEFAULT CHARSET=utf8;

ALTER TABLE subscribers
  ADD PRIMARY KEY (id),
  ADD KEY email_hash (email_hash),
  ADD KEY phone_hash (phone_hash);

## generate_key.php
<?php
// Generating your encryption key
$private_key = random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
// Generating your blind index key
$index_key = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES);


## generate_key.php
<?php echo base64_encode($private_key);?>
<?php echo base64_encode($index_key);?>

## config.php
<?php
// generate values using /generate_key.php script
$private_key = ""; // INSERT PRIVATE KEY HERE
$index_key = ""; // INSERT BLIND INDEX KEY HERE

## dao.php
<?php
public function getBlindIndex($string)
	{
    $index_key = base64_decode($this->index_key);
    return bin2hex(
        sodium_crypto_pwhash(
            32,
            $string,
            $index_key,
            SODIUM_CRYPTO_PWHASH_OPSLIMIT_MODERATE,

## dao.php
<?php
function insert($first_name,$last_name,$email,$phone,$privacy,$source,$ip) {
    if ($first_name.''=='' || $last_name.'' == '' || $email.'' == '' || $phone.'' == '' || $privacy.'' == '') {
      return false;
     }
     else {
      // create blind index for encrypted searchable fields
      $email_hash = $this->getBlindIndex($email);
      $phone_hash = $this->getBlindIndex($phone);
      // get key for encryption
	<?php

	class DAO {

	protected $db;

	public function setDb($db)
	{
	$this->db = $db;
	}
	<?php
	// TODO: free text search, pagination
	require_once("./includes/config.php");
	include_once("./includes/dao.php");
	$dao = new DAO();
	$dao->setDb($db);

	$genre_post = urldecode(filter_var($_GET['genre'],FILTER_SANITIZE_STRING,FILTER_FLAG_NO_ENCODE_QUOTES));
	$album_year = filter_var($_GET['album_year'],FILTER_SANITIZE_STRING,FILTER_FLAG_NO_ENCODE_QUOTES);
	$score_post = filter_var($_GET['score'],FILTER_SANITIZE_STRING,FILTER_FLAG_NO_ENCODE_QUOTES);
	### Keybase proof

	I hereby claim:

	* I am lamorbidamacchina on github.
	* I am simonericci (https://keybase.io/simonericci) on keybase.
	* I have a public key whose fingerprint is 5B86 F14A C244 D2ED 6A21 A3A0 CAFA 96D0 52A4 A31F

	To claim this, I am signing this object:
	CREATE TABLE subscribers (
	id int(11) NOT NULL, first_name varchar(255) DEFAULT NULL, last_name varchar(255) DEFAULT NULL, email varchar(255) DEFAULT NULL, phone varchar(255) DEFAULT NULL, privacy char(1) DEFAULT NULL, source varchar(255) DEFAULT NULL, ip varchar(255) DEFAULT NULL, email_hash varchar(255) DEFAULT NULL, phone_hash varchar(255) DEFAULT NULL, creation_date datetime DEFAULT NULL)
	ENGINE=InnoDB DEFAULT CHARSET=utf8;

	ALTER TABLE subscribers
	ADD PRIMARY KEY (id),
	ADD KEY email_hash (email_hash),
	ADD KEY phone_hash (phone_hash);
	<?php
	// Generating your encryption key
	$private_key = random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
	// Generating your blind index key
	$index_key = random_bytes(SODIUM_CRYPTO_PWHASH_SALTBYTES);
	<?php echo base64_encode($private_key);?>
	<?php echo base64_encode($index_key);?>
	<?php
	// generate values using /generate_key.php script
	$private_key = ""; // INSERT PRIVATE KEY HERE
	$index_key = ""; // INSERT BLIND INDEX KEY HERE
	<?php
	public function getBlindIndex($string)
	{
	$index_key = base64_decode($this->index_key);
	return bin2hex(
	sodium_crypto_pwhash(
	32,
	$string,
	$index_key,
	SODIUM_CRYPTO_PWHASH_OPSLIMIT_MODERATE,
	<?php
	function insert($first_name,$last_name,$email,$phone,$privacy,$source,$ip) {
	if ($first_name.''=='' \|\| $last_name.'' == '' \|\| $email.'' == '' \|\| $phone.'' == '' \|\| $privacy.'' == '') {
	return false;
	}
	else {
	// create blind index for encrypted searchable fields
	$email_hash = $this->getBlindIndex($email);
	$phone_hash = $this->getBlindIndex($phone);
	// get key for encryption