You are here

Home » API reference » Encrypt Submissions 6

README.txt in Encrypt Submissions 6

Same filename in this branch
  1. 6 README.txt
  2. 6 jcryption/README.txt
Same filename and directory in other branches
  1. 7 README.txt
; $Id$
=======================
Encrypt Submissions
(For Drupal 6)
=======================
Richard Peacock (richard@richardpeacock.com)

NOTE:  Initial backport to D6 (from D7) was done by user k8n (http://drupal.org/user/243127)


This module uses the jCryption plugin (http://www.jcryption.org) to encrypt any form
submission in Drupal using 265-bit public/private key encryption.
For example, you can use it to encrypt the login and registration
form, so a user's passwords are never transmitted in clear text.
This is similar to how SSL works to encrypt traffic.

It should be noted that this module is not a replacement for SSL, which
can protect against other types of attacks.  This module is intended
for those who desire some minimal security from hackers,
but either cannot afford an SSL certificate, or only need basic
protection of form data.  For full protection, you should purchase
an SSL certificate.


======================
Important Limitations
======================
Unlike the D7 version, this D6 version of encrypt_submissions requires jQuery 1.4.4, which
does not come packaged with Drupal 6.  So, a copy of jQuery 1.4.4 is included in this project.
As a result, some existing javascript may have trouble running on the same page
as a form which has encryption turned on.

If you plan on using this module in a production environment, please test
and re-test all of your pages which might have extra or unusual javascript requirements, to
make sure nothing breaks!


======================
Features
======================
 - Works on any Drupal forms-- login, search, content types, settings, and
   forms from other contributed modules.
 - 256-bit public/private key encryption.
 - The keys are generated freshly per-submission, reducing the chances of cycling attacks.
 - Administrators may specify that the module only encrypt certain form submissions,
   leaving other form submissions in the clear.
 - Can be used to encrypt passwords during login, similar to
   the Safer Login module for Drupal 6 (http://drupal.org/project/safer_login)
 - If the user has JavaScript disabled, then all form submissions still work
   using standard, unencrypted submissions.
 - Works with Libraries API


======================
Requirements
======================
 - This module requires you to download the jCryption libraries, located here:
   http://www.jcryption.org (version 1.2 or later)
   The "Production" download is all you need, though the "Package" download works
   as well.
 - These libraries were NOT programmed by this module's maintainer.  It was mostly
   programmed by Daniel Griesser, and comprises several other libraries by different
   authors.  Please visit http://www.jcryption.org/about for a full list of credits.

=======================
Restrictions
=======================
 - This module only works on forms which use POST as their method type.  This is most
   of the forms in Drupal, but possibly there are some contributed modules out there
   which use GET.
    
======================
Directions
======================

- Unpack the module files into /sites/all/modules/encrypted_submissions.

- Download the jCryption libraries (1.2 or later) and unpack them into:
  /sites/all/modules/encrypted_submissions/jcryption
  so that the jcryption.php file is located at:
  sites/all/modules/encrypt_submissions/jcryption/jcryption.php
  
- ** Important! ** Make sure the jcryption files are named the following:
  jcryption.php and jquery.jcryption.js
  Even if you choose to minify the js file, please make sure it is named
  simply jquery.jcryption.js.  

- If using Libraries API module, place files at:
    /sites/all/libraries/jcryption/*.*  (note jcryption is all lowercase)
  
- Enable the module, and be sure to enable the "access" permission for your users,
  or else no one will be able to use it.  If you are protecting the login and registration
  forms, be sure to give the "access" permission to anonymous users!

- Visit the configuration page to specify which forms you want it to work on.

File

README.txt
View source 
  1. ; $Id$

  2. =======================

  3. Encrypt Submissions

  4. (For Drupal 6)

  5. =======================

  6. Richard Peacock (richard@richardpeacock.com)

  7. 

  8. NOTE:  Initial backport to D6 (from D7) was done by user k8n (http://drupal.org/user/243127)

  9. 

  10. 

  11. This module uses the jCryption plugin (http://www.jcryption.org) to encrypt any form

  12. submission in Drupal using 265-bit public/private key encryption.

  13. For example, you can use it to encrypt the login and registration

  14. form, so a user's passwords are never transmitted in clear text.

  15. This is similar to how SSL works to encrypt traffic.

  16. 

  17. It should be noted that this module is not a replacement for SSL, which

  18. can protect against other types of attacks.  This module is intended

  19. for those who desire some minimal security from hackers,

  20. but either cannot afford an SSL certificate, or only need basic

  21. protection of form data.  For full protection, you should purchase

  22. an SSL certificate.

  23. 

  24. 

  25. ======================

  26. Important Limitations

  27. ======================

  28. Unlike the D7 version, this D6 version of encrypt_submissions requires jQuery 1.4.4, which

  29. does not come packaged with Drupal 6.  So, a copy of jQuery 1.4.4 is included in this project.

  30. As a result, some existing javascript may have trouble running on the same page

  31. as a form which has encryption turned on.

  32. 

  33. If you plan on using this module in a production environment, please test

  34. and re-test all of your pages which might have extra or unusual javascript requirements, to

  35. make sure nothing breaks!

  36. 

  37. 

  38. ======================

  39. Features

  40. ======================

  41.  - Works on any Drupal forms-- login, search, content types, settings, and

  42.    forms from other contributed modules.

  43.  - 256-bit public/private key encryption.

  44.  - The keys are generated freshly per-submission, reducing the chances of cycling attacks.

  45.  - Administrators may specify that the module only encrypt certain form submissions,

  46.    leaving other form submissions in the clear.

  47.  - Can be used to encrypt passwords during login, similar to

  48.    the Safer Login module for Drupal 6 (http://drupal.org/project/safer_login)

  49.  - If the user has JavaScript disabled, then all form submissions still work

  50.    using standard, unencrypted submissions.

  51.  - Works with Libraries API

  52. 

  53. 

  54. ======================

  55. Requirements

  56. ======================

  57.  - This module requires you to download the jCryption libraries, located here:

  58.    http://www.jcryption.org (version 1.2 or later)

  59.    The "Production" download is all you need, though the "Package" download works

  60.    as well.

  61.  - These libraries were NOT programmed by this module's maintainer.  It was mostly

  62.    programmed by Daniel Griesser, and comprises several other libraries by different

  63.    authors.  Please visit http://www.jcryption.org/about for a full list of credits.

  64. 

  65. =======================

  66. Restrictions

  67. =======================

  68.  - This module only works on forms which use POST as their method type.  This is most

  69.    of the forms in Drupal, but possibly there are some contributed modules out there

  70.    which use GET.

  71.     

  72. ======================

  73. Directions

  74. ======================

  75. 

  76. - Unpack the module files into /sites/all/modules/encrypted_submissions.

  77. 

  78. - Download the jCryption libraries (1.2 or later) and unpack them into:

  79.   /sites/all/modules/encrypted_submissions/jcryption

  80.   so that the jcryption.php file is located at:

  81.   sites/all/modules/encrypt_submissions/jcryption/jcryption.php

  82.   

  83. - ** Important! ** Make sure the jcryption files are named the following:

  84.   jcryption.php and jquery.jcryption.js

  85.   Even if you choose to minify the js file, please make sure it is named

  86.   simply jquery.jcryption.js.  

  87. 

  88. - If using Libraries API module, place files at:

  89.     /sites/all/libraries/jcryption/*.*  (note jcryption is all lowercase)

  90.   

  91. - Enable the module, and be sure to enable the "access" permission for your users,

  92.   or else no one will be able to use it.  If you are protecting the login and registration

  93.   forms, be sure to give the "access" permission to anonymous users!

  94. 

  95. - Visit the configuration page to specify which forms you want it to work on.