0

Hi, i'm having a problem with AES encryption.
I have 2 queries:

mysql_query("INSERT INTO table (secretfield) VALUES (AES_ENCRYPT('$secretvariable','12345'))")

mysql_query("SELECT AES_DECRYPT(secretfield,'12345') as sf FROM table WHERE ID='$_SESSION[id]'");

With AES_ENCRYPT it works fine, it inserts encrypted values into the column, but when i use AES_DECRYPT, it returns a blank value. No error, no nothing. Why are my fields not decrypting back?

Thanks

4
Contributors
6
Replies
7
Views
6 Years
Discussion Span
Last Post by carlodglozada
0

it COULD be tht there is not a value stored in $_SESSION
echo it out and check if it has a value.

0

Checked it, it has a value. Also, when i try to select other fields along with the secret ones, they display correctly.

0
SELECT AES_DECRYPT(secretfield,'12345') as sf FROM table WHERE ID='$_SESSION[id]' AND secretfield = (AES_ENCRYPT('$secretvariable','12345'));

(did a little research myself since im not that familiar with this. i normally use md5 or sha1.)

Edited by kekkaishi: n/a

0

Now it even does not show the other variables that are not encrypted. Could it be in the db field itself? Or db engine, charset, anywhere. Currently it's MyISAM engine with utf8 and the field is VARCHAR(255).

The columns contains about 0-4 gibberish-random symbols. Does the encrypted data looks like that, or should it be more symbols?

Edited by Buppy: n/a

0

Hello all, I have a similar problem with AES, my database and the user_profile table are UTF_8_bin

$sql_userData = sprintf("SELECT user_profile.name, 
user_profile.screenname, 
user_profile.email,
user_profile.id_user_type,
AES_DECRYPT(user_profile.`password`,'Tenesee') AS pwd, 
user_profile.status
FROM user_profile
WHERE user_profile.screenname = '%s'",$_GET['screenname']);
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.