[pmwiki-users] Flat files crypt/decrypt
Patrick R. Michaud
pmichaud at pobox.com
Wed Oct 24 11:47:32 CDT 2007
On Thu, Oct 25, 2007 at 12:38:00AM +0900, Paul John wrote:
> Dear PmWiki-User,
>
> The scenario:
>
> The pages are password protected and while the page is displayed in before
> hand it had been decrypted.
>
> Is their an in-build function in PmWiki, that allows when the flat is
> writing in the wiki.d directory instead of plain text it is crypted with
> the crypt() function. Of course the crypt process would take a bit longer
> but the file could not be read by someone.
Note that the crypt() function is a one-way encryption, there's
not a way to decrypt something that has been encrypted with crypt().
You probably mean something like mcrypt() instead. Not all PHP
installations have mcrypt available -- it has to be configured in
as part of the PHP build.
The tricky part to the whole process is figuring out where to
store the encryption key ...the key has to be stored in cleartext
somewhere, so anyone who is able to gain the encryption key (e.g.,
by looking at the configuration file containing the key) will also
be able to decrypt the files.
There has also been some discussion about this at
http://www.pmwiki.org/wiki/PITS/00545 .
Pm
More information about the pmwiki-users
mailing list