Hello,
I am new to php and mysql and I need to do password encryption and decryption. The password will be saved in a data base, I need to use an algorithm that uses SALT varible. Can some please help me with that? Thanks in advance.
rse
0
Light Poster
Recommended Answers
Jump to PostHere you'll find a nice introduction to AES.
Jump to PostIf SECURE_KEY is a string, it needs to be within single quotes, as shown in the examples from the link I showed you.
All 8 Replies
rse
0
Light Poster
Thanks, I am trying to use it, i was able to insert to the data base an encrypted password. But how can I validate the user password at login time. I tried the folloing but did not work:
$query="select AES_DECRYPT(psw,SECURE_KEY) from users where psw =(AES_DECRYPT('$password',SECURE_KEY)";
pritaeas
2,194
¯\_(ツ)_/¯
Moderator
Featured Poster
If SECURE_KEY is a string, it needs to be within single quotes, as shown in the examples from the link I showed you.
rse
0
Light Poster
it is a constant
pritaeas
2,194
¯\_(ツ)_/¯
Moderator
Featured Poster
A constant in PHP I guess ?
$query = sprintf("select AES_DECRYPT(psw, '%1$s') from users where psw = AES_DECRYPT('$password', '%1$s'", SECURE_KEY);
rse
0
Light Poster
yes I tried this in mysql for testing and worked, i will try it on php:
SELECT AES_DECRYPT( 'psw', "secretkey" ) AS psw
FROM users
WHERE psw = 'password';
rse
0
Light Poster
Well I got this error:
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource.
This is the code I have:
$query="select AES_DECRYPT('psw',SECURE_KEY) from users where psw ='$password'";
$result = mysql_query($query2, $GLOBALS['DB']);
if(mysql_num_rows($result)) {
return true;
}Thank you for ur help.
rse
0
Light Poster
ok found it, it is the constant, I had to put it in a variable to be passed to the query. I appreciate ur help
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.