0

Hello,

I am new to php and mysql and I need to do password encryption and decryption. The password will be saved in a data base, I need to use an algorithm that uses SALT varible. Can some please help me with that? Thanks in advance.

2
Contributors
8
Replies
13
Views
5 Years
Discussion Span
Last Post by rse
0

Thanks, I am trying to use it, i was able to insert to the data base an encrypted password. But how can I validate the user password at login time. I tried the folloing but did not work:

$query="select AES_DECRYPT(psw,SECURE_KEY) from users where psw =(AES_DECRYPT('$password',SECURE_KEY)";
0

If SECURE_KEY is a string, it needs to be within single quotes, as shown in the examples from the link I showed you.

0

A constant in PHP I guess ?

$query = sprintf("select AES_DECRYPT(psw, '%1$s') from users where psw = AES_DECRYPT('$password', '%1$s'", SECURE_KEY);

Edited by pritaeas: n/a

0

yes I tried this in mysql for testing and worked, i will try it on php:

SELECT AES_DECRYPT( 'psw', "secretkey" ) AS psw
FROM users
WHERE psw = 'password';
0

Well I got this error:
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource.
This is the code I have:

$query="select AES_DECRYPT('psw',SECURE_KEY) from users where psw ='$password'";
$result = mysql_query($query2, $GLOBALS['DB']);
if(mysql_num_rows($result)) { 
   return true;
		}

Thank you for ur help.

0

ok found it, it is the constant, I had to put it in a variable to be passed to the query. I appreciate ur help

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.