• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 266
  • Last Modified:

add the encrypt key to the user but got error

I have added the encrypted key and hash to the user but after that it showing the error..it has been attached. please advice what would be the cause.
eror1.bmp
0
champ4you
Asked:
champ4you
  • 5
  • 4
  • 3
  • +1
1 Solution
 
champ4youAuthor Commented:
Please advice how to assign hash and encrypt key for a user.

This is the example of code i am using in php :

sprintf("SELECT AES_DECRYPT('%s', UNHEX(md5('%s'))) AS decrypted_key",
                        mysql_real_escape_string($encrypted_key),
                        mysql_real_escape_string($user_password));

0
 
virmaiorCommented:
that does not call MySQL in any way...

you would need to implement it wholly in php for that to make any sense.
0
 
InsoftserviceCommented:
Hi champ4you,

I completely agree with virmalor,
Should i provide you the complete step that would not only encrypt your data but even it can be decrypted easily. since , further you would require it to decrypt the data it would create problem since md5 does not have proper decryption method.

Is it necessary  to decrypt with md5.

Please reply so that i can provide you with other method.
It would not for today but even for further stages of your project.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
ahoffmannCommented:
please post the codelines which set $encrypted_key and $user_password and the code line with the mysql query
0
 
champ4youAuthor Commented:
Thank you All, Sure Insoftservice, Please provide me the steps included ...no problem ..not necessary to use md5..please suggest.

Thanks:)
0
 
champ4youAuthor Commented:
if ($button4=="add") {

    if ($this_page == $generated_page) {

        $sql =sprintf("SELECT `encrypt_key` FROM `web_usernames`
                       WHERE `username` = '%s'",
                       mysql_real_escape_string($username));

        $result =  do_mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        $encrypted_key = $myrow["encrypt_key"];

        $sql = sprintf("SELECT AES_DECRYPT('%s', UNHEX(md5('%s'))) AS decrypted_key",
                        mysql_real_escape_string($encrypted_key),
                        mysql_real_escape_string($user_password));

        $result =  do_mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        $decrypted_key = $myrow["decrypted_key"];

        $sql = sprintf("SELECT AES_ENCRYPT('%s', '%s') AS encrypt_username,
                               AES_ENCRYPT('%s', '%s') AS encrypt_password",
                        mysql_real_escape_string($fm_username),
                        mysql_real_escape_string($decrypted_key),
                        mysql_real_escape_string($fm_password),
                        mysql_real_escape_string($decrypted_key));
        $result =  do_mysql_query($sql);
        $myrow = mysql_fetch_array($result);
        $encrypt_username=$myrow["encrypt_username"];
        $encrypt_password=$myrow["encrypt_password"];

        if ($server_type==1) {
            $sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
                                            `password`, `sun_type_id` )
                          VALUES ( NULL, '%s', '%s' , '%s', '%s')",
                          mysql_real_escape_string($id),
                          mysql_real_escape_string($encrypt_username),
                          mysql_real_escape_string($encrypt_password),
                          mysql_real_escape_string($fm_user_type_id));
        }
        elseif ($server_type==3) {
            $sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
                                            `password`, `nokia_type_id` )
                          VALUES ( NULL, '%s', '%s' , '%s', '%s')",
                          mysql_real_escape_string($id),
                          mysql_real_escape_string($encrypt_username),
                          mysql_real_escape_string($encrypt_password),
                          mysql_real_escape_string($fm_user_type_id));
        }
        elseif ($server_type==4) {
            $sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
                                            `password`, `cisco_type_id` )
                          VALUES ( NULL, '%s', '%s' , '%s', '%s')",
                          mysql_real_escape_string($id),
                          mysql_real_escape_string($encrypt_username),
                          mysql_real_escape_string($encrypt_password),
                          mysql_real_escape_string($fm_user_type_id));
        }

        $result = do_mysql_query($sql);
        $myrow = mysql_fetch_array($result);
    }
}
0
 
InsoftserviceCommented:


hi,
      

///Make a new File name it as general.php

//GENERAL page ends here

<?php
      class General
      {
            function encrypt($string, $key)
            {
                  $result = '';
                  for($i=0; $i<strlen($string); $i++)
                  {
                        $char = substr($string, $i, 1);
                        $keychar = substr($key, ($i % strlen($key))-1, 1);
                        $char = chr(ord($char)+ord($keychar));
                        $result.=$char;
                  }
                  return base64_encode($result);
            }

            function decrypt($string, $key)
            {
                  $result = '';
                  $string = base64_decode($string);
                  for($i=0; $i<strlen($string); $i++)
                  {
                        $char = substr($string, $i, 1);
                        $keychar = substr($key, ($i % strlen($key))-1, 1);
                        $char = chr(ord($char)-ord($keychar));
                        $result.=$char;
                  }
                  return $result;
            }
            
      
      }
?>
//GENERAL page ends here


Now While inserting data you can encrypt using following method

$genObj = new General();

$password = $genObj->encrypt($_REQUEST['password'],"Your encrypted value");

Now While getting the data you can decrypt using following method

$genObj = new General();

$password = $genObj->encrypt($_REQUEST['password'],"Your encrypted value");

Where $_REQUEST['password']; is ur posted or request value. Thats it
0
 
InsoftserviceCommented:
Hi,

I have given you this code so that if some clients forget there password and they want the same or some  or the other it can provided by just passing the steps manually on test page . so this code is of gr8 use in further stages
0
 
ahoffmannCommented:
insoftservice, what should be the purpose of base64 encoding a password? (and naming the function "encrypt":)
0
 
InsoftserviceCommented:
Hi,
I have given him the code so that if he is entering a new user , i mean to say fresh data in all database.
so that later he can have full control on the password instead of md5 which cannot be decrypted properly
0
 
ahoffmannCommented:
I'm just wondering about the purpose of a password stored in clear text ...
0
 
InsoftserviceCommented:
hi,

IF im not wrong he is trying to get decrypted its password . let it be .
Even if he wants to encrypt any text he can use this method to decrypt too.
0
 
champ4youAuthor Commented:
very help full but not exactly what i want ..thank you:)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 5
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now