1

I'm fairly new to PHP and very new to encrypting using PHP, I've read up on some forums and watched some videos about it however as much as I try, it never encrypts properly. This is my code below to test (I know I shouldn't be md5 it's just to see if it works at first).

When I run this code on my website it tells me page is not responding meaning there is an error, however I cannot spot one or see where I went wrong. 

<?php

$key = md5('pass');

function encrypt($string, $key){
    $string = rtrim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $string, MCRYPT_MODE_ECB)));
    return $string;
}

$output = encrypt("test", $key);
echo $output;

?>
Brian Tompsett - 汤莱恩
  • 5,753
  • 72
  • 57
  • 129
Tooble
  • 81
  • 7
  • Check your error logs and see what the actual error message is, or turn on `dsiplay_errors` in your local php.ini file, while developing. – M. Eriksson Feb 22 '17 at 17:51
  • Possible duplicate of [How do you Encrypt and Decrypt a PHP String?](http://stackoverflow.com/questions/16600708/how-do-you-encrypt-and-decrypt-a-php-string) – miken32 Feb 22 '17 at 17:53
  • Im not familiar with php.ini and am uploading to FTP as I am working? – Tooble Feb 22 '17 at 17:54
  • 1
    Depends on your installation. Create a php page with this content: ``. Browse to the page and you should see a lot of info, including where the error log is. However, you should really not roll your own encryption functions. Check for a solid up to date library for that instead, like defuse/php-encryption, or similar – M. Eriksson Feb 22 '17 at 17:56
  • | error_log | no value | no value, it displays no value for all error_log options – Tooble Feb 22 '17 at 18:02

1 Answers1

3

You shouldn't be using MD5 to encrypt anything, passwords especially.

Look into php's password_hash() and password_verify() functions. Not only are they more secure than what you're doing right now, they're simpler to use as well.

Jay Blanchard
  • 34,243
  • 16
  • 77
  • 119
Lucas Krupinski
  • 682
  • 5
  • 16
  • 1
    The only nit I have to pick with this answer is that MD5 is not encryption. – Sammitch Feb 22 '17 at 18:33
  • That's correct, it's not encryption. But OP is asking about encryption, by their title. If they had said they were interested in creating quick to verify checksums, then MD5 may be more appropriate, except not because it's [horribly flawed](https://natmchugh.blogspot.co.at/2014/10/how-i-created-two-images-with-same-md5.html) at this point. (with plenty of other examples out there). – Lucas Krupinski Feb 22 '17 at 21:22