PHP encrypt - and decrypt otherthan base64 encode

Question

In one of our web application ( in PHP, MySQL ) we are saving user's mobile number as encrypted value and decrypt it when we send SMS to them. The application was pretty working well. But

now GoDaddy removed the option base64_encode and decode. So that we cant send SMS to users. So we revert back the mobile numbers to its normal state running it locally.

My question is which is the easiest and safe way to encrypt and decrypt a string using a key.

Something like

Normal string : 9876543210  -> After encrypt with a key -> AASASOOPFPOEROP45664654456
Encrypted string : AASASOOPFPOEROP45664654456 -> on decrypt -> 9876543210 

My current code

function encodeString($str){
  for($i=0; $i<5;$i++)
  {
    $str=strrev(base64_encode($str)); //apply base64 first and then reverse the string
  }
  return $str;
}


function decodeString($str){
 for($i=0; $i<5;$i++)
 {
    $str=base64_decode(strrev($str)); //apply base64 first and then reverse the string}
 }
 return $str;
}

Please help me . Thanks in advance

Answer 1

Well if you were using base64 encode/decode you weren't encrypting the data, just obfuscating.

I don't know what php extensions godaddy has enabled, so I would suggest going with something like phpSecLib

http://phpseclib.sourceforge.net/

It is a standalone implementation you can include into your scripts, and will provide actual encryption of your data. AES or Rijndael should work find for your application

Basically it will encrypt the string with a key, even if your database is compromised, the data can't be decrypted without the key it was encrypted with (which you would hard coded into your script). This is unlike simply encoding it, in which case if someone got ahold of the database, they could decode it by running the first string through a variety of different encoding methods until they find one that works. And then run the rest through the same decoding method