PHP Magazine has a new article from author Robert Peake covering a topic that's increasingly needed in online applications today: encryption. Specifically, he covers using mcrypt to safeguard your data.
In a new article in our online articles section, PHP Magazine author Robert Peake defines two-way key cryptography and explains how it differs from other well-known PHP functions, like md5 and rot13, and when it is appropriate to use one-way hashing or two-way encryption. Then he walks you through installing mcrypt as a dynamically loadable extension. Further, two applications are explored: encrypting cookies, and encrypting database information (such as credit card numbers). The article will point out some of the security implications of creating an encryption/decryption scheme in a plain text scripting language, and offer solutions such as encoding, source-compiling commands, and authoring new extensions.
I'm glad that he talks about securing the PHP code that handles the encryption as well as the data inside the application. Since PHP can be quickly and easily read, the decryption scheme can be easily discerned... but, with a little extra effort, you can safeguard against that as well...




