问题
People can register for a newsletter on my website. Their email address and other personal information will be encrypted in the database.
Now for that registration form I'd like to check if the newly inputted email address is already in my database, but as all emails are encrypted, I can't really check unless I loop through every possible email address, decrypt it and see if it matches the newly inputted email? Is that correct? Or is there a more efficient way to do this?
回答1:
If you use the same encryption key all the time, you can simply search for the encrypted version. If you do not, you can still store a hash of the addresses additionally and compare against that.
回答2:
Just a simple thought: create a table with a md5 hash of the mail and compare this in your SQL WHERE clause? Not sure if this is very effective..
来源:https://stackoverflow.com/questions/20990827/checking-for-double-email-addresses-which-are-encrypted-in-the-database