I am not seeing this addressed here (mysql is key - not just a encrypt/decrypt question).
The same php code decrypts successfully a md5 encrypted string when it does NOT come from the mysql database. Not using mysql a string both encrypts and decrypts successfully. I use the same decrypt code in both scenarios.
1 )string is encrypted and saved into mysql
2) encrypted string is later pulled out and attempted to be decrypted and displayed.
3) mysql version - decryption fails (outputs -> ef32b9252e40bc9e228744923e33393b). Not using mysql – (outputs “team”)
<?php
// version #1 – mysql version
$encrypted = "team";
// encrypt the string $encrypted
$key = md5(date('l jS of F Y h i s A'));
$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $encrypted, MCRYPT_MODE_CBC, md5(md5($key))));**
// Of course here would be the INSERT…..
// So now “team” is in the mysql database encrypted.
$userid = "bob";
$query = "select team from league where username = '".$userid."'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
$encrypted = trim($row['team']);
}
// decrypt the string $encrypted
$key = md5(date('l jS of F Y h i s A'));
$decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encrypted), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
print $decrypted; //outputs -> ef32b9252e40bc9e228744923e33393b
// Version #2 - non mysql
$encrypted = "team" // Not from mysql DB.
// encrypt the string $encrypted
$key = md5(date('l jS of F Y h i s A'));
$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $encrypted, MCRYPT_MODE_CBC, md5(md5($key))));
// decrypt the string $encrypted
$key = md5(date('l jS of F Y h i s A'));
$decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($encrypted), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
print $decrypted; //outputs -> team
?>
