problem encrypting data (AES_ENCRYPT/AES_DECRYPT) [message #181757] |
Thu, 30 May 2013 06:28 |
ViVi
Messages: 5 Registered: May 2013
Karma:
|
Junior Member |
|
|
This is driving me crazy !
I'm getting a string from the user (form,input,type=text)
I escape it (mysql_real_escape_string)
And write it encrypted to DB (AES_ENCRYPT).
Then I read it back (SELECT AES_DECRYPT).
It works 99.99 % of the time.
"Sometime" it fails: i.e. the read value is NOT = to the written one.
To be more specific: the "encrypted" value (select 'catName') contains
something, the decrypted one ( SELECT AES_DECRYPT(`catName`...)
contains garbage.
I've not been able to track down WHEN it fails, but some strings
everytime fail, other strings are OK.
OK are .... almost all
the following string
doppio " apice
FAILS everytime.
I've tried defining the DB field (catName) VARCHAR or BINARY to no
avail.
I dont thing it's a "quote" problem, because if I dont encrypt/decrypt
the string all works fine.
Can someone help me ?
TIA
.... get data from user:
echo " <form action=\"thisScript.php\" name='theName' method=\"post\">
\n";
echo "<input name=\"cat\" type=\"text\" value=\"\" maxlength=\"20\"
size=\"20\" >\n";
echo "<br><INPUT type=\"submit\" style=\"height: 25px; width: 100px\"
value=\"GO\"><br><br>";
.... connect & select DB
.... Write to DB
$s_="SALT";
$cat=$_REQUEST['cat'];
$cat=mysql_real_escape_string($cat);
mysql_query("INSERT INTO `tableName` (`catName`) VALUES
( AES_ENCRYPT('$cat' , '$s_') )");
$rc_=mysql_insert_id();
.... read it from DB
$rlib=mysql_query("SELECT AES_DECRYPT(`catName`, '".$s_."') as cate
FROM `tableName` where `cat_idx` = ".$rc_."")or die(mysql_error());
$myrow = mysql_fetch_array($rlib);
$out=$myrow['cat'];
if ( $out != $_REQUEST['cat'] ) echo "<br><br><b>BAD !</b><br><br>";
|
|
|