Allow for settings of this module to be pulled from settings.php variables.

Comments

rickmanelius’s picture

rickmanelius CreditAttribution: rickmanelius commented

Hi @Cellar Door. All Drupal 7 variables can be stored in settings.php through the $conf variable. Here is an example http://www.newmediadenver.com/blog/57

What is more appropriate/accurate is to provide the ability to specify an encrypted value that is then converted at the appropriate time once de-crypted. There might need to be a strategy where there is a flag to note the data is encrypted. Perhaps a prefix? Example: "townsec:8298929adjfafnwuauz82jx7"?

Cellar Door’s picture

Cellar Door CreditAttribution: Cellar Door commented
Title: Pull settings from settings.php » Encrypt settings.php varuables
Project: Townsend Security Key Connection » Encrypt

@rickmanelius -

After talking with rlhawk, we think this is best put into the encrypt platform itself rather than implemented on a per supporting module basis. This way ALL the config for any module is held in this higher security and not just this module.

To address your idea here though, taking those configs, encrypting them is a great idea that we shouldn't limit to just this module. Being able to have a way to define if a config variable is encrypted and by which method would work great with the new config management. This would then allow you to define a conf variable as:

encrypt:townsec:8298929adjfafnwuauz82jx7

This would then flag the variable to be decrypted with that specific config.

Moving to the Encrypt module for this to be included after 2.x release.

Cellar Door’s picture

Cellar Door CreditAttribution: Cellar Door commented
Version: 7.x-1.x-dev » 7.x-2.x-dev

Updating version

Cellar Door’s picture

Cellar Door CreditAttribution: Cellar Door commented
Title: Encrypt settings.php varuables » Encrypt settings.php variables

Fix fat finger misspelled title

gisle’s picture

gisle
he/him
Primary language Norwegian Bokmål
Location Norway
CreditAttribution: gisle at Hannemyr Nye Medier AS commented
Category: Task » Feature request
Status: Active » Closed (won't fix)

Not much has happened to this in 5 years.

Personally, I believe that adding code to deal specifically with settings.php-variables is outside the scope of this module. Encrypt is an API module that provides two functions: encrypt() and decrypt(). It doesn't care about where the output of those functions are stored - that is up to client.

If you want this: Implement a client module to interact with the settings.php-variables, and use this module to encrypt and decrypt.