User data protection with encoding and decoding?

I'm working on a CMS system and I want to add a feature to protect user's data. Of course passwords are hashed and could only be decoded using brute forcing. But now it's about the rest of the data, for example their mail address. I would like to have a function which encodes a mail address when a user registers which could be decoded each time a mail should be send. Now the problem with hashing is that you can't easily convert it back (I think), at least with md5 and sh1 and similar algorithms this is not possible so this is not what I want.

I would like to have a feature that salt could be used in the en- and decoding process. This means that I have a random string stored somewhere in the web aplication, which is used as 'seed' or 'salt' for this process, so the result will be different if that random string is different, this makes it harder to decode once hackers (for example) broke into the database and stole the data.

I saw a function in PHP called base64_encode() and base64_decode(), these functions can en- and decode the data very easy. The problem with these functions is that there's no 'salt' parameter and I don't think it's very good as protection. Is there's a function which does something similair with more protection with a en- and decode feature, and with a salt parameter?

Thanks in advance, Tim Visée

Let me explain you difference between encoding, hashing and encrypting.

encoding is just a way of representing data, thus it doesn't help you with security. base64 serves for encoding 8-bit data representation to 6-bit, i.e. for transferring in e-mail bodies. Not useful for you.
hashing is an one-way transforming of data usually with these properties:
- many (actually infinite) different data strings have the same hash. You can hash a string of any length, but the produced hash has always limited length, so it's clean that not every input string can have unique hash.
- while hashing is fast, guessing original data with specified hash cannot be calculated simplier than trying all possible combinations.
- encrypting is what you are looking for. encrypted data can be read only with a proper key.

However, I don't see a big point in encrypting data in your database. If someone sees your PHP source code and database, he can easily read the key and decrypt data. It can only help you if someone steals the raw database and still not have access to your source code, but it's quitely rare and web programmers don't usually do it.