• Hi there!

    I’m using WordPress for a website project where there are some requirements about respecting privacy. Thus, I would like to encrypt my user data using an AES algorithm. As I’m developing a custom plugin, I have no problem encrypting my users’ sensitive data, because I provide the page that contains the registration form. But the problem is when it comes to displaying and modifying this information in the core WordPress backend. I couldn’t find out where and how I could do that… I’ve searched the Internet for this information for hours without being able to find it.
    I’ve found this page https://code.google.com/p/wordpress-aes/ where a guy has developed a repo on Google Code, doing (almost) the stuff I want to do, and he says that he sent an email to people at WordPress about merging his code into WordPress’ core. As that guy did not make a plugin or the like, it makes me think that it’s not possible to modify the reads and writes done from and to the database, from the backend…
    Could someone help me with this issue?
    Thanks in advance.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Moderator bcworkz

    (@bcworkz)

    It depends on what you’re encrypting. Some functions have filter hooks you could use to encrypt and decrypt data in the DB. Others do not. Also, where you do this matters. WP sanitizes and otherwise alters data before it is stored. You must encrypt only after this is done.

    Some data WP does not use internally, so you can do whatever you want with it. Data that WP does use is not expected to be encrypted, so you must find a hook to decrypt the data before WP tries to use it. You will need to do an analysis on a field by field basis to determine if your project is viable or not.

    Thread Starter StephanWizcorp

    (@stephanwizcorp)

    I want to encrypt users’ sensitive data, so things like the name (first and last), and mainly the email address. But that data is used by WordPress for the core’s login feature, right?

    “You must encrypt only after this is done.”

    Yep, that’s my point, I’m looking for a way to do it very properly, without having to hack the WordPress core code, otherwise each WordPress update will erase my modifications…

    “Data that WP does use is not expected to be encrypted, so you must find a hook to decrypt the data before WP tries to use it.”

    Hmmmm, that is actually my problem, I need to encrypt those data for privacy respect purposes…

    EDIT: so, just to be clear, is there a hook that would allow me to encrypt and decrypt the users’ data before / after WordPress starts reading / writing them? I’ve searched a lot on the Internet without being able to find any solution… =/

    Moderator bcworkz

    (@bcworkz)

    AFAIK, only the user login and email are used internally by WP. The true names may be used by the theme for display, but the mishandling of encryption will only munge the page, not break anything.

    It sounds like you’re expecting there to be one or two magic points where you can encrypt and decrypt data. It may turn out to be the case, but I really doubt it. You’ll likely need to locate separate encrypt and decrypt hooks for each field, if they exist at all.

    To find these, you’ll need to dig into the core code, tracing form input through to the DB and back out again to a page. Hopefully along that path you’ll find the hooks you are looking for. One possible shortcut to finding hooks would be to study the WP_User class definition. It’s quite likely all user data gets channeled through this class.

    I know you’re hoping for someone being able to tell you exactly what hooks to use. You never know, it’s worth asking. I myself don’t know what they are, I’d have to do what I just told you to do myself. If I had more time, I might have had a look for you, but unfortunately I don’t have the time right now. Sorry. Happy hunting.
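Added example, not part of the thread and not code from WordPress core or from any poster: one way to apply the advice above to the display-only name fields, encrypting on the `insert_user_meta` filter (which runs after `wp_insert_user()` has sanitized its input) and decrypting on the `get_user_metadata` filter. The `PII_KEY` constant, the `enc1:` prefix and the `pii_*` function names are assumptions made for this example.

```php
<?php
// Added example. PII_KEY (hypothetical constant): 32 raw key bytes defined in wp-config.php.
const PII_FIELDS = ['first_name', 'last_name']; // display-only fields
const PII_PREFIX = 'enc1:';                     // constructed marker for encrypted values
function pii_encrypt(string $plain, string $key): string {
    $iv = random_bytes(12);                     // fresh 96-bit nonce per value
    $ct = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    return PII_PREFIX . base64_encode($iv . $tag . $ct);
}

function pii_decrypt(string $stored, string $key): ?string {
    if (strncmp($stored, PII_PREFIX, strlen(PII_PREFIX)) !== 0) {
        return $stored;                         // row written before encryption was enabled
    }
    $raw = base64_decode(substr($stored, strlen(PII_PREFIX)), true);
    if ($raw === false || strlen($raw) < 28) {
        return null;                            // malformed: shorter than nonce + tag
    }
    $pt = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
        substr($raw, 0, 12), substr($raw, 12, 16));
    return $pt === false ? null : $pt;          // null when the GCM tag does not verify
}

// Write path: wp_insert_user() applies this filter after it has sanitized the fields.
function pii_on_write(array $meta): array {
    foreach (PII_FIELDS as $field) {
        if (isset($meta[$field]) && is_string($meta[$field]) && $meta[$field] !== '') {
            $meta[$field] = pii_encrypt($meta[$field], PII_KEY);
        }
    }
    return $meta;
}

// Read path: short-circuit get_user_meta() for the protected keys and decrypt.
function pii_on_read($check, $user_id, $meta_key, $single) {
    static $busy = false;                       // lets the nested raw read pass through
    if ($busy || !in_array($meta_key, PII_FIELDS, true)) {
        return $check;
    }
    $busy = true;
    $rows = (array) get_user_meta($user_id, $meta_key, false);
    $busy = false;
    $out = array_map(fn($v) => is_string($v) ? (pii_decrypt($v, PII_KEY) ?? '') : $v, $rows);
    return $single ? ($out[0] ?? '') : $out;
}
if (function_exists('add_filter')) {            // only register inside WordPress
    add_filter('insert_user_meta', 'pii_on_write');
    add_filter('get_user_metadata', 'pii_on_read', 10, 4);
}
```

Direct `update_user_meta()` calls and reads of all meta at once (empty key) bypass these two filters. The `display_name` column in `wp_users` is stored separately and is not covered.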

    Thread Starter StephanWizcorp

    (@stephanwizcorp)

    OK, thank you bcworkz, it’s unfortunately what I expected actually. Indeed, I’m looking for two magic hooks that will allow me to manipulate DIRECTLY the data coming out and in from and to the database. As I couldn’t find any clue about it, I thought that I should hack WordPress’ core code for that, but I would like to avoid it, fearing that an update of WordPress will erase my hack.

    I’ll take a look at the WP_User class, hoping that I’ll find something interesting, but I think I’ve already taken a look over there… If I can find something somewhere, I’ll post my solution here.

    Thank you once again for your help.

    Hi StephanWizcorp!

    Did you make any progress on your project?

    I have similar goals.

    Thank you for taking the time to write an update.

    I am also interested in having form data security sent/received.

  • The topic ‘User data encryption’ is closed to new replies.