in my php pages i am using aes_encrypt which works fine. The issue i am
having is with aes_decrypt. I have been searching for days to try and
resolve this problem but need more help. The following string in my php
will not bring any results back at all. I know it does work because
running it in mysql direct works.

simple sql string:
SELECT AES_DECRYPT(password, 'keyhere') FROM accounts where id = '11';

The full code is below - this does bring back all the other details apart from the password again.

Reproduce code:

$sql = "SELECT userId, name, email, aes_decrypt(password,'keyhere'),
country FROM accounts where id='". $_SESSION['member_ID'] ."'";

$result = mysql_query($sql);

if (!$result) {
    echo "Could not successfully run query ($sql) from DB: " .

if (mysql_num_rows($result) == 0) {
    echo "No rows found, nothing to print so am exiting";
	while ($row = mysql_fetch_array($result))

     echo $row["userId"];
     echo $row["name"];
     echo $row["email"];
	 echo $row["password"];
	 echo $row["country"];


Expected result:
123456 john 'password should be here' UK

Actual result:

I think you should use an alias. ie.,

$sql = "SELECT userId, name, email, aes_decrypt(password,'keyhere') as password, country FROM accounts where id='". $_SESSION['member_ID'] ."'";

I guess that will do the trick..

YES YES - thank you dude, that has dude the trick.

Kind Regards,


Hi again - just wondering if you know why the password is coming out with the brackets

i really need it to be just the password.

Any advice or ideas regarding that

cheers again for your help


Maybe thats how you saved it ? It works fine for me in this simple example.. :)

$con = mysql_connect("localhost","root");
$xyz = rand(1,2000);
$password = "something$xyz";
$username = "someuser$xyz";
$query = "insert into member (spid,uname,pss) values ('$xyz','$username',aes_encrypt('$password','password'))";
mysql_query($query) or die(mysql_error());
$query = "select uname,aes_decrypt(pss,'password') as password from member where spid='$xyz'";
$result = mysql_query($query);
$row = mysql_fetch_array($result);
echo "Username: ".$row['uname']." Password: ".$row['password'];

I think you could be right there again :) just guna look at my code again.



Thanks mate - yes it was my code. lol

You have been a really great help with this thank you very much



nav33n, you are the man. Iv been battling this for a day now, I did everything but us "as variable" I even made a function to transfer the data to the original variables, thanks!!! You da man.

This article has been dead for over six months. Start a new discussion instead.