Hey guys, I run www.pureescape.net and I was just wanting to know if any of you are experienced with securing databases. I use Mysql, and I've got the user accounts secured, but, there is an ache in my stomach when I consider that lots of data in the database is plain text. Not just my data, but the data of others.

My setup is secure, I'm just trying to prepare for worst case scenarios (network/physical attacks on the system)

I usually use PHP for my web applications. What I'd like to know, is how can I implement encryption/decryption on the fly? So that data is encrypted before entering the database, and is decrypted after the sql query (before it's presented in clear text again to the user).

Any info (links, turorial, code) on these techniques would be great. Also, the site ( www.pureescape.net ) is always interested in getting new members for it's discussion forums. Stop by, you'll probably meet someone you know from AO. Peace!


Thanks in response for help.
--PuRe