champ4you
asked on
add the encrypt key to the user but got error
I have added the encrypted key and hash to the user but after that it showing the error..it has been attached. please advice what would be the cause.
eror1.bmp
eror1.bmp
that does not call MySQL in any way...
you would need to implement it wholly in php for that to make any sense.
you would need to implement it wholly in php for that to make any sense.
Hi champ4you,
I completely agree with virmalor,
Should i provide you the complete step that would not only encrypt your data but even it can be decrypted easily. since , further you would require it to decrypt the data it would create problem since md5 does not have proper decryption method.
Is it necessary to decrypt with md5.
Please reply so that i can provide you with other method.
It would not for today but even for further stages of your project.
I completely agree with virmalor,
Should i provide you the complete step that would not only encrypt your data but even it can be decrypted easily. since , further you would require it to decrypt the data it would create problem since md5 does not have proper decryption method.
Is it necessary to decrypt with md5.
Please reply so that i can provide you with other method.
It would not for today but even for further stages of your project.
please post the codelines which set $encrypted_key and $user_password and the code line with the mysql query
ASKER
Thank you All, Sure Insoftservice, Please provide me the steps included ...no problem ..not necessary to use md5..please suggest.
Thanks:)
Thanks:)
ASKER
if ($button4=="add") {
if ($this_page == $generated_page) {
$sql =sprintf("SELECT `encrypt_key` FROM `web_usernames`
WHERE `username` = '%s'",
mysql_real_escape_string($ username)) ;
$result = do_mysql_query($sql);
$myrow = mysql_fetch_array($result) ;
$encrypted_key = $myrow["encrypt_key"];
$sql = sprintf("SELECT AES_DECRYPT('%s', UNHEX(md5('%s'))) AS decrypted_key",
mysql_real_escape_string($ encrypted_ key),
mysql_real_escape_string($ user_passw ord));
$result = do_mysql_query($sql);
$myrow = mysql_fetch_array($result) ;
$decrypted_key = $myrow["decrypted_key"];
$sql = sprintf("SELECT AES_ENCRYPT('%s', '%s') AS encrypt_username,
AES_ENCRYPT('%s', '%s') AS encrypt_password",
mysql_real_escape_string($ fm_usernam e),
mysql_real_escape_string($ decrypted_ key),
mysql_real_escape_string($ fm_passwor d),
mysql_real_escape_string($ decrypted_ key));
$result = do_mysql_query($sql);
$myrow = mysql_fetch_array($result) ;
$encrypt_username=$myrow[" encrypt_us ername"];
$encrypt_password=$myrow[" encrypt_pa ssword"];
if ($server_type==1) {
$sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
`password`, `sun_type_id` )
VALUES ( NULL, '%s', '%s' , '%s', '%s')",
mysql_real_escape_string($ id),
mysql_real_escape_string($ encrypt_us ername),
mysql_real_escape_string($ encrypt_pa ssword),
mysql_real_escape_string($ fm_user_ty pe_id));
}
elseif ($server_type==3) {
$sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
`password`, `nokia_type_id` )
VALUES ( NULL, '%s', '%s' , '%s', '%s')",
mysql_real_escape_string($ id),
mysql_real_escape_string($ encrypt_us ername),
mysql_real_escape_string($ encrypt_pa ssword),
mysql_real_escape_string($ fm_user_ty pe_id));
}
elseif ($server_type==4) {
$sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
`password`, `cisco_type_id` )
VALUES ( NULL, '%s', '%s' , '%s', '%s')",
mysql_real_escape_string($ id),
mysql_real_escape_string($ encrypt_us ername),
mysql_real_escape_string($ encrypt_pa ssword),
mysql_real_escape_string($ fm_user_ty pe_id));
}
$result = do_mysql_query($sql);
$myrow = mysql_fetch_array($result) ;
}
}
if ($this_page == $generated_page) {
$sql =sprintf("SELECT `encrypt_key` FROM `web_usernames`
WHERE `username` = '%s'",
mysql_real_escape_string($
$result = do_mysql_query($sql);
$myrow = mysql_fetch_array($result)
$encrypted_key = $myrow["encrypt_key"];
$sql = sprintf("SELECT AES_DECRYPT('%s', UNHEX(md5('%s'))) AS decrypted_key",
mysql_real_escape_string($
mysql_real_escape_string($
$result = do_mysql_query($sql);
$myrow = mysql_fetch_array($result)
$decrypted_key = $myrow["decrypted_key"];
$sql = sprintf("SELECT AES_ENCRYPT('%s', '%s') AS encrypt_username,
AES_ENCRYPT('%s', '%s') AS encrypt_password",
mysql_real_escape_string($
mysql_real_escape_string($
mysql_real_escape_string($
mysql_real_escape_string($
$result = do_mysql_query($sql);
$myrow = mysql_fetch_array($result)
$encrypt_username=$myrow["
$encrypt_password=$myrow["
if ($server_type==1) {
$sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
`password`, `sun_type_id` )
VALUES ( NULL, '%s', '%s' , '%s', '%s')",
mysql_real_escape_string($
mysql_real_escape_string($
mysql_real_escape_string($
mysql_real_escape_string($
}
elseif ($server_type==3) {
$sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
`password`, `nokia_type_id` )
VALUES ( NULL, '%s', '%s' , '%s', '%s')",
mysql_real_escape_string($
mysql_real_escape_string($
mysql_real_escape_string($
mysql_real_escape_string($
}
elseif ($server_type==4) {
$sql=sprintf("INSERT INTO `hw_passwords` ( `password_id`, `server_id`, `username`,
`password`, `cisco_type_id` )
VALUES ( NULL, '%s', '%s' , '%s', '%s')",
mysql_real_escape_string($
mysql_real_escape_string($
mysql_real_escape_string($
mysql_real_escape_string($
}
$result = do_mysql_query($sql);
$myrow = mysql_fetch_array($result)
}
}
hi,
///Make a new File name it as general.php
//GENERAL page ends here
<?php
class General
{
function encrypt($string, $key)
{
$result = '';
for($i=0; $i<strlen($string); $i++)
{
$char = substr($string, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)+ord($keycha
$result.=$char;
}
return base64_encode($result);
}
function decrypt($string, $key)
{
$result = '';
$string = base64_decode($string);
for($i=0; $i<strlen($string); $i++)
{
$char = substr($string, $i, 1);
$keychar = substr($key, ($i % strlen($key))-1, 1);
$char = chr(ord($char)-ord($keycha
$result.=$char;
}
return $result;
}
}
?>
//GENERAL page ends here
Now While inserting data you can encrypt using following method
$genObj = new General();
$password = $genObj->encrypt($_REQUEST
Now While getting the data you can decrypt using following method
$genObj = new General();
$password = $genObj->encrypt($_REQUEST
Where $_REQUEST['password']; is ur posted or request value. Thats it
Hi,
I have given you this code so that if some clients forget there password and they want the same or some or the other it can provided by just passing the steps manually on test page . so this code is of gr8 use in further stages
I have given you this code so that if some clients forget there password and they want the same or some or the other it can provided by just passing the steps manually on test page . so this code is of gr8 use in further stages
insoftservice, what should be the purpose of base64 encoding a password? (and naming the function "encrypt":)
Hi,
I have given him the code so that if he is entering a new user , i mean to say fresh data in all database.
so that later he can have full control on the password instead of md5 which cannot be decrypted properly
I have given him the code so that if he is entering a new user , i mean to say fresh data in all database.
so that later he can have full control on the password instead of md5 which cannot be decrypted properly
I'm just wondering about the purpose of a password stored in clear text ...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
very help full but not exactly what i want ..thank you:)
ASKER
This is the example of code i am using in php :
sprintf("SELECT AES_DECRYPT('%s', UNHEX(md5('%s'))) AS decrypted_key",
mysql_real_escape_string($
mysql_real_escape_string($