Hi, i'm having a problem with AES encryption.
I have 2 queries:

mysql_query("INSERT INTO table (secretfield) VALUES (AES_ENCRYPT('$secretvariable','12345'))")

mysql_query("SELECT AES_DECRYPT(secretfield,'12345') as sf FROM table WHERE ID='$_SESSION[id]'");

With AES_ENCRYPT it works fine, it inserts encrypted values into the column, but when i use AES_DECRYPT, it returns a blank value. No error, no nothing. Why are my fields not decrypting back?

Thanks

it COULD be tht there is not a value stored in $_SESSION
echo it out and check if it has a value.

Checked it, it has a value. Also, when i try to select other fields along with the secret ones, they display correctly.

SELECT AES_DECRYPT(secretfield,'12345') as sf FROM table WHERE ID='$_SESSION[id]' AND secretfield = (AES_ENCRYPT('$secretvariable','12345'));

(did a little research myself since im not that familiar with this. i normally use md5 or sha1.)

Now it even does not show the other variables that are not encrypted. Could it be in the db field itself? Or db engine, charset, anywhere. Currently it's MyISAM engine with utf8 and the field is VARCHAR(255).

The columns contains about 0-4 gibberish-random symbols. Does the encrypted data looks like that, or should it be more symbols?

Make the column's data type blob.

Hello all, I have a similar problem with AES, my database and the user_profile table are UTF_8_bin

$sql_userData = sprintf("SELECT user_profile.name, 
user_profile.screenname, 
user_profile.email,
user_profile.id_user_type,
AES_DECRYPT(user_profile.`password`,'Tenesee') AS pwd, 
user_profile.status
FROM user_profile
WHERE user_profile.screenname = '%s'",$_GET['screenname']);
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.