TinyWebDB with PHP and Extension to Encrypt data

juananton1991 · May 7, 2020, 8:03am

In this old forum I put information about creating a TinyWebDB using PHP (2017):
https://groups.google.com/forum/#!category-topic/mitappinventortest/apps-tips--tricks/wi8w1x6ljPc

Now I will post the code more clearly and add an extension to encrypt the data.

1.- Create a TinyWebDB database with a PHP file.

We upload this file to our hosting:

tinywebdb.php

<?php
   // Juan Antonio Villalpando
  // http://kio4.com/appinventor/8A_MiniWebDB_TinyWebDB.htm
  
$receive_post = $_SERVER["REQUEST_URI"];
$tag = $_POST['tag'];
$file = 'tinywebdb.htm';

// If file not exist, create.
if (!file_exists($file)) {$create = fopen($file, 'w');}

if(strpos($receive_post,'storeavalue')){

			//////////////////////////////// If exist that tag, DELETE it
			//// to avoid repeating that tag.
			$arc = file($file);
			$auxi = fopen($file,"w");
			foreach($arc as $line)
			{ $fields = explode(":", $line);
			if ($fields[0] != $tag) { fputs($auxi, $line); }
			}
			fclose($auxi);
			/////////////////////////////////////////////////////////////////////
                                                                    
///////////////////////////////////////////////////////////////////////////////////////////////////
// STORE TAG AND VALUE
                                                                  
	$valueToStore = $_POST['value'];
	$line = $tag.":".$valueToStore.":\n";
	  
	$auxi = fopen($file, 'a'); // Add $line to file tinywebdb.htm 
	fwrite($auxi, $line);

} else {
///////////////////////////////////////////////////////////////////////////////////////////////////
// GET VALUE OF TAG.

// Search in file tinywebdb.htm value for that tag.
$auxi = fopen($file, 'r');
$exist = ""; 

while(!feof($auxi)){
    $line = fgets($auxi);
    $fields = explode(":", $line);

    if ($fields[0] == $tag) {
        $value =$fields[1];
        $exist = true;
    }
}

// Sends result.
	if ($exist){ $result = array("VALUE", $tag, $value);}    // Send value
	else { $result = array("VALUE", $tag, "Not_found");}  // Send "Not_found".
	 
	$result_in_JSON = json_encode($result);
	echo $result_in_JSON;
	 }
 
fclose($auxi);
?>

We place a TinyWebDB component and in Property ServiceURL we put the internet address of the tinywebdb.php file, example: https://mydomain/tinywebdb.php
We can use the TinyWebDB component as we normally do.
The data will be saved in the tinywebdb.htm file.

juananton1991 · May 7, 2020, 8:05am

2.- Now we are going to use an extension to encrypt the data , in the upload, in the storage and in the download.

KIO4_SecretKey.aix
(This extension works with API 26+ (Android 8+), but I can change it for other versions.)

This extension is based on:
https://developer.android.com/reference/javax/crypto/Cipher

https://developer.android.com/reference/javax/crypto/SecretKeyFactory

https://developer.android.com/reference/android/util/Base64

en.wikipedia.org

Salt (cryptography)

In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes data, a password or passphrase. Salts are used to safeguard passwords in storage. Historically a password was stored in plaintext on a system, but over time additional safeguards developed to protect a user’s password against being read from the system. A salt is one of those methods. A new salt is randomly generated for each password. In a typical setting, the salt and the password (or i…

This extension cipher the KeySecret by adding Salt and with that key encodes the data in Base 64

We set SecretKey + Salt and encrypt the data.
They will be sent in Base 64 encrypted.
The data will be stored encrypted in the database.

In the data file we will obtain this type of information.
tinywebdb.htm

vnjIYkwtSAJMvI5YhWfnpg==:"77AFfhf7h25w5ZVp+St28vKuLj+qgOHo8ovBX5H+2Iw=":
1Fg5AVSB5CFqLJ/c71WqPg==:"Byimv8XYeqSNZ+c4gstAUkNzzW7l4wMNCTN6IEwkN+A=":
UjpIv4gqG34l61B0SZtCeg==:"DthkwsyLP5CEjVqYhRLchg==":
gsIQ+TWc0PA3HtV6eP4gng==:"Ip2gx\/lfzShn1jsxqdio9g==":

The tags and values are encrypted.

Regards,
Juan A. Villalpando
App inventor. Crear una MiniWebDB mediante PHP codificada mediante una extensión. TinyWebDB. (Tutorial in Spanish)

Peter · May 7, 2020, 8:07am

Did you know about this TinyWebDB with PHP made by @Diego?

juananton1991 · May 7, 2020, 8:16am

As you will have read in my post, I made this code in 2016 (maybe before) and I published it in the App Inventor forums on January 14, 2017.

https://groups.google.com/forum/#!category-topic/mitappinventortest/apps-tips--tricks/wi8w1x6ljPc

Diego’s post was published in July 2018, that is, a year and a half after mine, so I published it earlier.

Edit: They are also different codes.

Peter · May 7, 2020, 8:24am

Hi,

It was not about who was first. It was just about different versions of the same idea.

Nice work by the way.

himalayanxtiger · July 24, 2020, 1:09pm

Thank you soo much

Oscar_Reis · June 2, 2021, 5:21pm

is it possible to do the decrypt in php using openssl_decrypt?

Alex_Ramirez · June 14, 2021, 9:21pm

I have the same question, how can we decrypt this on the server side using php or some other language