Page 1 of 1

inserting certain chars into db

Posted: Sun Jul 11, 2004 3:05 am
by John Cartwright
OK my problem is I want to securly encrypt and decrypt md5 passwords:

So i look on php.net and find this function to encrypt it

Code: Select all

<?php
  function crypt_md5($msg,$heslo)
  {
   	$key=$heslo;$sifra="";
   	$key1=binmd5($key);
   	while($msg) 
	{
     	$m=substr($msg,0,16);
     	$msg=substr($msg,16);
    	$sifra.=bytexor($m,$key1,16);
    	$key1=binmd5($key.$key1.$m);
    }
    echo "\n";
    $pass = $sifra;
  	echo $sifra."<br><br>";
	echo $pass;
  }
?>
which works fine... it encrypts the password and returns something like this: à Έ)È×….g

Notice in the function I use both echo $sifra and $pass to ensure they are being set properly... heres is the problem.. furthur down in my code i have the following:

Code: Select all

<?php
				crypt_md5($pass,$key);
				
				@mysql_query("INSERT INTO users SET user='$user',pass='$pass',datejoined='$datejoined',email='$email',access='0'"); 
?>
and it insets it properly to my knowledge.....

but for example i entered my password as: dadsfdfadsfdasdafafdfads (which returns à Ü

Posted: Sun Jul 11, 2004 3:17 am
by feyd
you need to either return the new password, or use references to modify the passed password..

Posted: Sun Jul 11, 2004 3:19 am
by kettle_drum
Follow the usual rules for variable scope.

Posted: Sun Jul 11, 2004 3:27 am
by John Cartwright
i'm sorry im feeling stupid right now...

to the both of you: ... what?

Posted: Sun Jul 11, 2004 3:41 am
by feyd
when you call your crypt_md5() function, you are passing it a copy of the variables, so anything you do to those variables inside the function, does not affect the outside data. It's probably best if your function retured the new password value. You then need to store the return from the function into a variable. Use that variable in your query..

Posted: Sun Jul 11, 2004 11:52 am
by John Cartwright
but in the function it has

$pass = $sifra;

which gives pass its new value

Posted: Sun Jul 11, 2004 12:06 pm
by feyd
$pass inside the function is considered a local variable, not from the global variable space.