| Re: store backslash in mysql database [message #170673 is a reply to message #170668] |
Sun, 14 November 2010 18:38   |
Helmut Chang
Messages: 22
Registered: September 2010
Karma:
|
Junior Member |
|
|
Am 14.11.2010 18:11, schrieb Peter:
> Well, I wouldn't exactly have called it a bug. It was a script that I
> found on the internet and it's possible the original creator didn't have
> it in mind to store the data in a mysql database. And as I didn't write
> the script, who knows?
And who wrote the script, that stores the encrypted value incorrect in
the database?
> As to debugging the script, it uses some maths functions including ord
> to convert the original data into the encrypted data. So, I'm not sure
> how the function is supposed to know what the outcome of the encryption
> is going to be before it knows what the input is?
The bug is not in the part of the encryption script. It is in the part,
where the encrypted data is stored to the database.
> So, all I could potentially do, as I see it, is include an extra:
>
> if, char converted to backslash, then change to a different char.
No! Haven't you read the other answers, concerning
<http://www.php.net/manual/en/function.mysql-real-escape-string.php>?
There are some characters in strings and blobs, that have to be escaped
when used in a (My)SQL query. And it's not only the backslash. This
function does it for you in the correct way! *But*: The escape sequences
are *not* stored in the database. So when you fetch the value again, it
is exactly as you want it.
> However, how would I then know, when decrypting back that the different
> char wasn't created as part of the original encryption or by my if
> statement?
You don't need to, if you do, what I've written above.
Helmut
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]