Invisible columns, a new concept introduced in MySQL 8, offer an additional layer of security and control over sensitive data. When executing a SELECT *
query, invisible columns are not retrieved by default. Instead, you must explicitly specify them in the SELECT
statement. This ensures that sensitive information such as passwords, tokens, API keys, and payment-related data remains protected.
MySQL 8: Introduction to Invisible Columns
In MySQL 8, invisible columns are columns that are not included in the result set of a SELECT *
query unless explicitly specified. This feature enhances data security by preventing the accidental exposure of sensitive information.
To create an invisible column in MySQL 8, you can use the following syntax:
ALTER TABLE table_name
ADD COLUMN column_name datatype INVISIBLE;
For example, to make the password
column invisible in the users
table:
ALTER TABLE users
ADD COLUMN password VARCHAR(255) INVISIBLE;
Now, when you run a SELECT *
query on the users
table, the password
column will not be retrieved unless explicitly specified in the SELECT
statement.
Laravel: Supporting Invisible Columns
Laravel, a popular PHP framework, has introduced support for invisible columns, making it easier to work with sensitive data in your applications.
Here's an example of defining an invisible column in a Laravel migration:
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
Schema::table('users', function (Blueprint $table) {
$table->string('password')->invisible();
});
In this example, we're making the password
column invisible in the users
table.
$user = User::first();
$user->$password // this will return null
To retrieve the value of an invisible column in Laravel, you must explicitly specify it in the SELECT
statement. Here's how you can do it:
$user = User::select('password')->first();
$password = $user->password; // returns the password
This ensures that sensitive information is accessed only when explicitly requested, reducing the risk of accidental exposure.
Conclusion
Invisible columns in MySQL 8 and Laravel offer a powerful way to enhance data security and control over sensitive information. By making sensitive columns invisible, you can prevent accidental exposure of sensitive data and ensure that it is accessed only when necessary.
Whether you're working with passwords, tokens, API keys, or payment-related data, leveraging invisible columns can help you build more secure and reliable applications.
Top comments (1)
Thanks for sharing this MySQL 8 feature, I wasn't aware of.