madmatt / silverstripe-encrypt-at-rest

Encrypt data at rest in your database

Check the header for decrypting. #10

Open Firesphere opened 8 years ago

Firesphere commented 8 years ago

Currently, we decrypt if the string is long. This is not the right way to do it; we should check if the header is set.

Taitava commented 7 years ago

Just for reference, you @Firesphere had a good discussion about this in the defuse/php-encryption module's issue tracker.

So the bottom line is that we need a separate flag that would tell us that the value is encrypted (or decrypted). Another way would be to check the header, but as pointed out in the discussion, that would not be 100% reliable, as unencrypted strings can also (in theory) start with the same "def5" bytes that would be used to identify the string as encrypted.

I'm interested in having a look at this issue, but unluckily I don't have time for it right now. If I encounter a solution at some point, I will definitely post more about it here or make a pull request.
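
The three ways of deciding whether a stored value is encrypted that this thread discusses (string length, the "def5" header, a separate flag), compared on the same rows. This is an added example, not code from the module or from either commenter; the function names, the 64-character threshold, the `is_encrypted` field and the sample rows are constructed for illustration.

```php
<?php
// Added example, not code from silverstripe-encrypt-at-rest.
// Names, threshold and sample rows are assumptions made for illustration.

const HEADER_PREFIX = 'def5';  // prefix named in the thread
const LENGTH_THRESHOLD = 64;   // assumed cut-off for the "string is long" heuristic

// Heuristic 1: treat any long string as ciphertext.
function encryptedByLength(string $value): bool
{
    return strlen($value) > LENGTH_THRESHOLD;
}

// Heuristic 2: treat any string starting with the header prefix as ciphertext.
function encryptedByHeader(string $value): bool
{
    return strncmp($value, HEADER_PREFIX, strlen(HEADER_PREFIX)) === 0;
}

// Separate flag: written alongside the value, so reading never guesses from content.
function encryptedByFlag(array $row): bool
{
    return $row['is_encrypted'] === true;
}

function classify(array $rows): array
{
    $report = [];
    foreach ($rows as $label => $row) {
        $report[$label] = [
            'truth'  => $row['is_encrypted'],
            'length' => encryptedByLength($row['value']),
            'header' => encryptedByHeader($row['value']),
            'flag'   => encryptedByFlag($row),
        ];
    }
    return $report;
}

// Constructed rows. The "ciphertext" is a stand-in hex string, not real library output.
$rows = [
    'ciphertext'     => ['value' => 'def5' . str_repeat('ab', 60), 'is_encrypted' => true],
    'long plaintext' => ['value' => str_repeat('Lorem ipsum dolor sit amet. ', 4), 'is_encrypted' => false],
    'def5 plaintext' => ['value' => 'def5 is the build tag', 'is_encrypted' => false],
];

foreach (classify($rows) as $label => $r) {
    $cols = array_map(fn ($k) => $k . '=' . var_export($r[$k], true), array_keys($r));
    printf("%-16s %s\n", $label, implode('  ', $cols));
}
```

Any row where `length` or `header` differs from `truth` is a value that a content-based check would try to decrypt even though it is plaintext.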