how to encrypt order table
I've managed to encrypt the customers details on my database using mcrypt functions but I've noticed on the order table the details are not encrypted.
I want to apply the mcrypt function but I'm not sure what element have the function allied to.
I've worked out that it's the section of the confirm page that inserts the data in to the database and I applied the function but I have mixed results with the shipping name only half the information decrypts correctly (firstname).
<?php
// WA eCart Store Cart Summary in Db
if ($_SERVER["REQUEST_METHOD"] == "POST") // Trigger
{
$WA_connection = $vvsmso_01;
$WA_table = "tb_Orders";
$WA_redirectURL = "";
$WA_indexField = "intOrderID";
$WA_fieldNamesStr = "intOrderAmount|txtOrderShipName|txtOrderShipAddress|txtOrderShipAddress2|txtOrderCity|txtOrderState|txtOrderZip_Postcode|txtOrderCountry|txtOrderPhone|txtOrderFax|intOrderShipping|intOrderTax|txtOrderEmail|txtOrderDate|intCustomerID";
$WA_fieldValuesStr = WA_eCDB_ConvertNumber("".$VVcart->GrandTotal() ."") . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_firstname'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_firstname']):encryptcustomer($_SESSION['eCartCheckoutForm_firstname'])) ." ".(isset($_SESSION['eCartCheckoutForm_shipping_lastname'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_lastname']):encryptcustomer($_SESSION['eCartCheckoutForm_lastname'])) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_street1'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_street1']):encryptcustomer($_SESSION['eCartCheckoutForm_street1'])) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_street2'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_street2']):encryptcustomer($_SESSION['eCartCheckoutForm_street2'])) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_city'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_city']):encryptcustomer($_SESSION['eCartCheckoutForm_city'])) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_state_province'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_state_province']):encryptcustomer($_SESSION['eCartCheckoutForm_state_province'])) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_postcode'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_postcode']):encryptcustomer($_SESSION['eCartCheckoutForm_postcode'])) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_country'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_country']):encryptcustomer($_SESSION['eCartCheckoutForm_country'])) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_phone'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_phone']):encryptcustomer($_SESSION['eCartCheckoutForm_phone'])) ."" . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_fax'])?encryptcustomer($_SESSION['eCartCheckoutForm_shipping_fax']):encryptcustomer($_SESSION['eCartCheckoutForm_fax'])) ."" . "|" . WA_eCDB_ConvertNumber("".$VVcart->GetShipping() ."") . "|" . WA_eCDB_ConvertNumber("".$VVcart->GetTax() ."") . "|" . "".(isset($_SESSION['eCartCheckoutForm_shipping_email'])?$_SESSION['eCartCheckoutForm_shipping_email']:$_SESSION['eCartCheckoutForm_email']) ."" . "|" . "".(date('Y-m-d h:i:s')) ."" . "|" . WA_eCDB_ConvertNumber("".$_SESSION['intCustomerID'] ."");
$WA_columnTypesStr = "none,none,NULL|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|',none,''|none,none,NULL|none,none,NULL|',none,''|',none,''|none,none,NULL";
$WA_sessionName = "VVcart_OrderID";
$WA_Sql = "";
$NeedInsert = false;
$indexFieldIndex = -1;
$WA_fieldValues = explode("|", $WA_fieldValuesStr);
$WA_columns = explode("|", $WA_columnTypesStr);
$WA_connectionDB = $database_vvsmso_01;
$updateFieldValue = "";
mysql_select_db($WA_connectionDB, $WA_connection);
if (!session_id()) session_start();
if ($WA_redirectURL != "" && isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] !== "" && sizeof($_POST) > 0) {
$WA_redirectURL .= ((strpos('?', $WA_redirectURL) === false)?"?":"&").$_SERVER["QUERY_STRING"];
}
$WA_fieldNames = explode("|", $WA_fieldNamesStr);
$WA_columns = explode("|", $WA_columnTypesStr);
for ($i = 0; $i < sizeof($WA_fieldNames); $i++)
{
if ($WA_indexField == $WA_fieldNames[$i])
{
$indexFieldIndex = $i;
break;
}
}
$deleteFieldValue = "";
$updateColType = "none,none,NULL";
if ($indexFieldIndex >= 0) $updateFieldValue = $WA_fieldValues[$indexFieldIndex];
if ($updateFieldValue == "" && isset($_SESSION[$WA_sessionName])) $updateFieldValue = $_SESSION[$WA_sessionName];
if ($indexFieldIndex >= 0) $updateColType = $WA_columns[$indexFieldIndex];
if ($updateFieldValue != "") {
$updateParamsObj = WA_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, $indexFieldIndex);
$valueForWhere = WA_generateInsertParams(array($WA_indexField), array($updateColType), array($updateFieldValue), -1);
$WA_Sql = "update " . $WA_table . " SET " . $updateParamsObj->WA_setValues . " where " . $WA_indexField . " = " . $valueForWhere->WA_dbValues;
$WA_editCmd = mysql_query($WA_Sql, $WA_connection) or die(mysql_error());
$_SESSION[$WA_sessionName] = $updateFieldValue;
$result = mysql_query("SELECT * FROM " . $WA_table . " where " . $WA_indexField . " = " . $valueForWhere->WA_dbValues, $WA_connection);
$num_rows = mysql_num_rows($result);
$NeedInsert = (mysql_num_rows($result) === 0);
}
if ($updateFieldValue === "" || $NeedInsert) {
$updateFieldValue = "";
$insertParamsObj = WA_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, -1);
$WA_Sql = "insert into " . $WA_table . " (" . $insertParamsObj->WA_tableValues . ") values (" . $insertParamsObj->WA_dbValues . ")";
$WA_editCmd = mysql_query($WA_Sql, $WA_connection) or die(mysql_error());
$_SESSION[$WA_sessionName] = mysql_insert_id();
}
if ($WA_redirectURL != "") {
header("Location: ".$WA_redirectURL); exit;
}
}
?>