I'm creating an event website for high level participants, including some basic networking features. I LOVE the idea of participants sending private messages to each other via the website.

In an effort to protect communications as much as I can, what hooks can I look into to encrypt/decrypt private messages stored in the database? I don't mind attempting to build a module for this, and may use the Encrypt module to help.

Thanks for the tips in advance. :D


#5 Screen Shot 2018-02-06 at 11.54.28.png374.22 KBelvin
Members fund testing for the Drupal project. Drupal Association Learn more


ptmkenny’s picture

Category: feature » support
semei’s picture

I am also very interested in this.

Rabuntu’s picture

Yes i am very interested too.

alex.designworks’s picture

Issue summary: View changes


 * Implements hook_privatemsg_message_presave_alter().
function YOURMODULE_privatemsg_message_presave_alter(&$message) {
  $message->body = encrypt($message->body, ['base64' => TRUE]);

 * Implements hook_privatemsg_message_view_alter().
function YOURMODULE_privatemsg_message_view_alter(&$vars) {
  $vars['message_body'] = strpos($vars['message_body'], 'a:') === 0 ? decrypt($vars['message_body'], ['base64' => TRUE]) : $vars['message_body'];

Using strpos($vars['message_body'], 'a:') === 0 to quickly assess if current field was encrypted.

elvin’s picture

@Alex #4

when i implemented your code, the messages i sent would only appear encrypted to both me and the recipient. am i dont something wrong?

alex.designworks’s picture

@elvinI'm not sure what you mean by saying `only appear encrypted to both me and the recipient`. Anywhere you want to show the message, you need to call a decrypt() function explicitly, like in #4. This means that if you have a view with the message as a field - you need to alter a view result to decrypt it.