• 0

PHP & MySQL: AES_Encrypt / AES_Decrypt

Asked by DjmUK,

 Share

Question

Grand Master

DjmUK

Posted
Posted

Alrighty then. If I were to use the following commands they work just fine:

AES_Encrypt (PHP):

$un = david;

$pw = pass;

mysql_query(INSERT into tablename (un,pw) values ('$un',aes_encrypt('$pw','key'))",$db);

AES_Encrypt (Command Prompt):

SELECT un, aes_decrypt(pw,'key') from tablename where id=1;

However. I'm trying to write a login page based upon the encrypted data via PHP (send the data via a form and process it). I had it working perfectly - but as soon as encryption is entered things don't go my way. Here's a sample of my efforts which aren't looking too good (I am extracting from a form, but for simplicity I'm using static data).

<?php

$un = david;
$pw = pass;

$result = mysql_query("SELECT un, aes_decrypt(pw,'key') FROM table_login where un='$un' and pw='$pw' ",$db);

$array_r = mysql_fetch_array($result);

echo "User". $array_r["un"] ."<br />";
echo "Pass". $array_r["pw"];
?>

I searched google and other sites with no luck, but from what I'm told - the aes_decrypt function has to remain in the SELECT clause because it's a MySQL function and not a PHP function.

Please help me and thanks in advance.

Link to comment
https://www.neowin.net/forum/topic/290091-php-mysql-aes_encrypt-aes_decrypt/
Share on other sites

11 answers to this question

Recommended Posts

  • 0
Grand Master

DjmUK

Posted
  • Author
Posted
  flightmike1 said:
Your WHERE clause is comparing the unencrypted password(submitted by the user) to the encrypted password in the database, it might be easier if you use PHP to do the encryption.

585535073[/snapback]

Exactly what I meant - what I cannot figure out is how to do this in PHP :(

  • 0
Mentor

GatorV

Posted
Posted

Why don't you try to do 2 querys?

<?php

$un = david;
$pw = pass;

$result = mysql_query("SELECT aes_encrypt(pw,'key')");
$encrypted = mysql_fetch_array($result));
$result = mysql_query("SELECT un, aes_decrypt(pw,'key') as pw FROM table_login where un='$un' and pw='$encrypted[0]' ",$db);

$array_r = mysql_fetch_array($result);

echo "User". $array_r["un"] ."<br />";
echo "Pass". $array_r["pw"];
?>

:unsure:

  • 0
Grand Master

DjmUK

Posted
  • Author
Posted
  GatorV said:
Why don't you try to do 2 querys?

<?php
$un = david;
$pw = pass;

$result = mysql_query("SELECT aes_encrypt(pw,'key')");
$encrypted = mysql_fetch_array($result));
$result = mysql_query("SELECT un, aes_decrypt(pw,'key') as pw FROM table_login where un='$un' and pw='$encrypted[0]' ",$db);

$array_r = mysql_fetch_array($result);

echo "User". $array_r["un"] ."<br />";
echo "Pass". $array_r["pw"];
?>

:unsure:

585544078[/snapback]

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\site\login_check.php on line 4

  • 0
Mentor

GatorV

Posted
Posted

Well the code was wrong, but try this:

<?php
$un = "david";
$pw = "pass";

$result = mysql_query("SELECT aes_encrypt('$pw','key')");
$encrypted = mysql_fetch_array($result));
$result = mysql_query("SELECT un, aes_decrypt(pw,'key') as pw FROM table_login where un='$un' and pw='$encrypted[0]' ",$db);

$array_r = mysql_fetch_array($result);

echo "User". $array_r["un"] ."<br />";
echo "Pass". $array_r["pw"];
?>

:cool:

  • 0
Rising Star

HeyRatFans

Posted
Posted

If you must use AES encryption do the comparision in PHP, i.e. have the query return the decrypted password and then do a simple == comparision in PHP.

<?php

$un = "david";
$pw = "pass";

$result = mysql_query("SELECT un, aes_decrypt(pw, 'key') as pw FROM table_login where un = '$un'");
$array_r = mysql_fetch_array($result);

if ($array_r['pw'] == $pw) {

   // Password is okay

   echo "User", $array_r["un"] ."<br />";
   echo "Pass", $array_r["pw"];

}else {

   // password is invalid!

   echo "Boo! Hiss!";
}

?>

  • 0
Grand Master

DjmUK

Posted
  • Author
Posted

FINALLY..! (1 query aswell)

$un = $_POST["un"];
	$pw = $_POST["pw"];

	$result = mysql_query("SELECT un, aes_decrypt(pw,'mykey') from tb_login where un='$un' ",$db);
	$encrypted = mysql_fetch_array($result);

if ($encrypted[1]==$pw)
{
echo "yes";
}
else
{
echo "no";
}

I had to encrypt the password into the BLOB field first. Thanks for all the help guys.

This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • AMD 25.6.1 driver out with RX 9060 XT support and a lot more FSR 4 games

      By LoneWolfSL · Posted

      AMD 25.6.1 driver out with RX 9060 XT support and a lot more FSR 4 games by Pulasthi Ariyasinghe A brand-new hardware launch is happening today for AMD, and to make sure its new GPUs are running properly, a new graphics driver has also landed right alongside it. The AMD Software: Adrenalin Edition 25.6.1 driver lands with support for the RX 9060 XT and the AMD Radeon AI PRO R9700, while also finally updating the number of games that support its AMD FidelityFX Super Resolution 4 upscaling technology. The consumer space-targeted RX 9060 XT graphics card comes in 8GB and 16GB flavors starting at $300 and $350 price points, respectively. Check out our launch coverage for this RDNA 4 GPU for more details here. At the same time, the AMD Radeon AI PRO R9700 comes in for handling professional workloads with a whopping 32GB of VRAM. While support for this card has already arrived with the latest driver, AMD is expecting to ship the product sometime in July 2025. The driver has also added official support for Onimusha 2: Samurai's Destiny Remaster as well, the Capcom-developed action game from last month. As for fixes, AMD has said that it has resolved reversed Quality and Performance selections in the Radeon Boost UI, as well as Le Mans Ultimate performance issues on RX 9070 series GPUs. There are quite a few known issues AMD is still working on: Stutter and lower than expected performance may be observed when using alt-tab and streaming to Discord with multiple monitors. Intermittent application crash or driver timeout may be observed while playing Marvel Spiderman 2 with Ray Tracing enabled on Radeon™ RX 9060 XT. Intermittent application crash may be observed when first launching The Last of Us Part 1 on Radeon™ RX 9060 XT graphics products. Stutter may be observed while playing games with some VR headsets at 80Hz or 90Hz refresh rate on some AMD Radeon™ Graphics Products such as the Radeon™ RX 7000 series. Users experiencing this issue are recommended to change the refresh rate as a temporary workaround. Intermittent system or application crash may be observed while playing Cyberpunk 2077 on some AMD Radeon™ Graphics Products such as the Radeon™ RX 7000 series. Intermittent application crash or driver timeout may be observed while playing Monster Hunter Wilds with Radeon™ Anti-Lag and Instant Replay enabled. Artifacts or corruption may appear while playing Battlefield™ V on Radeon™ RX 7000 series graphics products. Stutter may be observed while playing Call of Duty®: Warzone™ Season 03 ‘Verdansk’ map on some AMD Graphics Products. Stutter and lower than expected performance may be observed while playing 4K resolution YouTube videos in Chromium. Users experiencing this issue are recommended to play videos in full screen as a temporary workaround. Texture flickering or corruption may appear while playing The Elder Scrolls IV: Oblivion Remastered with AMD FidelityFX™ Super Resolution enabled on Radeon™ RX 9070 XT. Users experiencing this issue are recommended to disable AMD FidelityFX™ Super Resolution as a temporary workaround. As for FSR 4, these games are now supported by the popular upscaling tech for gaining more frames: Deadzone: Rogue Rem Survival F1 25 Runescape: Dragonwilds Frostpunk 2 Star Wars Outlaws Legacy: Steel & Sorcery Steel Seed Lords of the Fallen Stellar Blade Planetaries Virtua Fighter 5 R.E.V.O QANGA Wild Assault The complete list of games with FSR 4 support, as well as upcoming implementations, can be found on AMD's support page here. The WHQL-certified AMD Software: Adrenalin Edition 25.6.1 driver can now be downloaded from the AMD Software app as well as the changelog page on its official website here.
    • That sharp cold toothache you dread? Its origins trace back to ancient, unexpected purpose

      By adrynalyne · Posted

      💩
    • Download Unruly: Fighting Back when Politics, AI, and Law Upend [...] (worth $18) for free

      By News Staff · Posted

      Download Unruly: Fighting Back when Politics, AI, and Law Upend [...] (worth $18) for free by Steven Parker Claim your complimentary eBook worth $18 for free, before the offer ends on June 17. In Unruly: Fighting Back when Politics, AI, and Law Upend the Rules of Business, co-founder of software company Hence Technologies and former Global Deputy CEO of Eurasia Group, Sean West, delivers a startlingly insightful new take on how politics, technology and law are converging to upend the rules of business, generating dangerous risks and incredible opportunities. West convincingly argues that we must understand all three factors to get leverage over the future – a future filled with eroding rule of law, deepfakes that upend elections and court decisions, government pressure for businesses to be patriotic, robot lobbyists, a flood of automated legal claims pointed directly at your company and much more. Unruly offers detailed, practical advice for how to understand the world ahead, how to be resilient in the face of innumerable and complex challenges, and how to surround your business with the people and technology you need to excel in this environment. Inside the book: A framework for understanding all of the pressures on modern corporations from the convergence of geopolitics, technology and law. Strategies for turning your company's legal department into a source of enduring competitive advantage How to navigate government pressure for nationalism when you have a global footprint Approaches to winning in a world where courts are politicized and the law is increasingly automated, built on interviews with top experts Ways to deal with the backlash to ESG at a company level Perfect for executives, managers, entrepreneurs, founders, and other business leaders, Unruly is also a must-read for general counsels and the advisors who serve them. How to get it Please ensure you read the terms and conditions to claim this offer. Complete and verifiable information is required in order to receive this free offer. If you have previously made use of these free offers, you will not need to re-register. While supplies last! Download Unruly: Fighting Back when Politics, AI, and Law Upend [...] (worth $18) for free Offered by Wiley, view other free resources The below offers are also available for free in exchange for your (work) email: VideoProc Converter AI v7.5 for FREE (worth $78.90) – Expires 6/18 Winxvideo AI V3.0 Lifetime License for PC ($69.95 Value) FREE – Expires 6/8 Aiarty Image Enhancer for PC/Mac ($85 Value) FREE – Expires 6/8 Solutions Architect's Handbook, Third Edition ($42.99 Value) FREE – Expires 6/10 AI and Innovation ($21 Value) FREE – Expires 6/11 Unruly: Fighting Back when Politics, AI, and Law Upend [...] ($18 Value) FREE - Expires 6/17 SQL Essentials For Dummies ($10 Value) FREE – Expires 6/17 Continuous Testing, Quality, Security, and Feedback ($27.99 Value) FREE – Expires 6/18 Macxvideo AI ($39.95 Value) Free for a Limited Time – Expires 6/22 The Ultimate Linux Newbie Guide – Featured Free content Python Notes for Professionals – Featured Free content Learn Linux in 5 Days – Featured Free content Quick Reference Guide for Cybersecurity – Featured Free content We post these because we earn commission on each lead so as not to rely solely on advertising, which many of our readers block. It all helps toward paying staff reporters, servers and hosting costs. Other ways to support Neowin The above deal not doing it for you, but still want to help? Check out the links below. Check out our partner software in the Neowin Store Buy a T-shirt at Neowin's Threadsquad Subscribe to Neowin - for $14 a year, or $28 a year for an ad-free experience Disclosure: An account at Neowin Deals is required to participate in any deals powered by our affiliate, StackCommerce. For a full description of StackCommerce's privacy guidelines, go here. Neowin benefits from shared revenue of each sale made through the branded deals site.
    • AMD RX 9060 XT launches above MSRP and is available to buy now

      By hellowalkman · Posted

      AMD RX 9060 XT launches above MSRP and is available to buy now by Sayan Sen At Computex 2025 this year, AMD announced its RX 9060 XT mid-range desktop GPUs. The new graphics card landed in both 8GB and 16GB flavors and targets 1080p as well as light 1440p gaming. The community and some of the media criticized the 8GB VRAM model, but AMD defended the move explaining how the smaller memory buffer is not a cause of worry for the majority. Both the 8 GB and the 16 GB RX 9060 XT are now available for purchase. A new driver is out too with Adrenalin version 25.6.1. However, as always, day one stocks would likely be highly limited, similar to other GPUs or any other product, like the Nintendo Switch 2, that also landed today. Third-party AIB (add in board) vendors like Gigabyte, for example, are selling the 8GB at $329 (SEP is $299) currently on Amazon US, so expect some markup. The technical specifications of the Radeon RX 9060 XT are given below: Specification Value GPU Architecture AMD RDNA™ 4 Core Compute Units 32 Video Memory 16 GB / 8GB GDDR6 Infinity Cache 32 MB Core Boost Clock Up to 3.13 GHz Memory speed/bandwidth 20 Gbps / 320 GB/s AI Performance 821 TOPS (INT4 with sparsity) Raytracing & AI Accelerators 32 3rd Generation Raytracing Accelerators; 64 2nd Generation AI Accelerators PCIe Interface PCIe® 5.0 x16 Display Outputs DisplayPort™ 2.1a, HDMI® 2.1b Total Board Power (TBP) 160W* If you notice, we have an asterisk for the TBP value in the table above. That is because AMD says that it can vary between 150 and 182 watts. Performance-wise, we know the $349 16 GB variant is close to the Nvidia RTX 5060 Ti in rasterization but falls behind in ray tracing. Meanwhile, the 8GB model, priced the same as the GeForce RTX 5060 at $299, should be better, as both 8 Gig and 16 Gig SKUs are identical spec-wise outside of memory capacity. As an Amazon Associate we earn from qualifying purchases.
    • Alien: Earth (FX / Hulu)

      By BoondockSaint · Posted

      It actually looks decent, although trailers could make the worst nonsense look watchable sometimes. I'm not a fan of the "extended" Aliens universe (Prometheus, Covenant), but I liked Romulus so will definitely give this a shot.

  • Recent Achievements

    • Week One Done
      jbatch earned a badge
      Week One Done
    • First Post
      Yianis earned a badge
      First Post
    • Rookie
      GTRoberts went up a rank
      Rookie
    • First Post
      James courage Tabla earned a badge
      First Post
    • Reacting Well
      James courage Tabla earned a badge
      Reacting Well

  • Popular Contributors

    1. 1
      +primortal
      406
    2. 2
      +FloatingFatMan
      181
    3. 3
      snowy owl
      176
    4. 4
      ATLien_0
      170
    5. 5
      Xenon
      135
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!