Western and Unicode Characters in PHP Crypt Method

Question

I'm using a simple method of modifying a password so that it is not stored in plain text. This is on a production database and application and it has worked up until switching from Windows Server 2003 to 2012.

private function simpleCrypt($password) {

    $text = strtoupper(trim($password));
    $chars = str_split($text);
    $password2 = '';

    foreach ($chars as $char) {
        $asciivalue = ord($char);


        if ($asciivalue < 128) {
            $newasciivalue = $asciivalue + 128;
            $newchar = chr($newasciivalue);
            $password2 = $password2 . $newchar;

        } elseif ($asciivalue > 128) {

            $newasciivalue = $asciivalue - 128;
            $newchar = chr($newasciivalue);
            $password2 = $password2 . $newchar;

        }
    }


    return $password2;
}

When ever my password gets ran through this script it shows me a result of �� vs the actual encoded password that was generated by the other system on 2003. It shows correct "western" characters. If I use Firefox and change text encoding to western however it shows me the correct database representation of the password. I've tried adding meta to my header on the login page thinking that it would correct this but I get the same result.

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

score 1 · Answer 1 · answered Oct 30 '15 at 12:45

1

Try

$text = mb_convert_encoding(strtoupper(trim($password)),'iso-8859-1');

answered Oct 30 '15 at 12:45

Mike Miller

3,071
3
25
32

No change in result. I tried doing just a $newvalue = mb_covert_encoding($password2), 'iso-8859-1'); and then return $newvalue thinking that it would covert it all at the end just like it does in browser with no result. – Cody J. Mathis Oct 30 '15 at 12:53
I would chuck around a few encoding options. When you say it "shows you a result" do you mean in the browser? What does the string actually look like? – Mike Miller Oct 30 '15 at 13:38

score 0 · Accepted Answer · answered Oct 30 '15 at 13:07

Just needed to return as UTF8.

Here is the full script.

private function simpleCrypt($password) {

    $text = strtoupper(trim($password));
    $chars = str_split($text);
    $password2 = '';

    foreach ($chars as $char) {
        $asciivalue = ord($char);


        if ($asciivalue < 128) {
            $newasciivalue = $asciivalue + 128;
            $newchar = chr($newasciivalue);
            $password2 = $password2 . $newchar;

        } elseif ($asciivalue > 128) {

            $newasciivalue = $asciivalue - 128;
            $newchar = chr($newasciivalue);
            $password2 = $password2 . $newchar;

        }
    }

    return mb_convert_encoding(($password2), 'utf8');
}

score 0 · Answer 3 · edited May 23 '17 at 10:27

0

Those black diamonds usually come from having non-utf8 bytes in your client and not telling MySQL what encoding you have.

Encryption should not be stored in VARCHAR; rather VARBINARY or BLOB.

See UTF-8 all the way through

edited May 23 '17 at 10:27

Community

1
1

answered Dec 08 '15 at 02:48

Rick James

135,179
13
127
222

Western and Unicode Characters in PHP Crypt Method

3 Answers3