Using a prepared statement in PHP...
$sql = "insert into `customers` (`name`, `email`) values (?, AES_ENCRYPT(?,?))";
$mysqli = $oDB->connect(); // see below for $oDB class and connect function
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("sss", $name, $email, $key);
$stmt->execute();
... I'm trying to encrypt the email so it's stored a little more securely (or at least so that dumping the contents of the customers table doesn't show the email in plain text)
($key is a randomly generated string of 32 characters, if that's relevant)
The database and tables use utf8mb4_unicode_520_ci coding.
And I've tried setting the connection charset before executing the statement...
class oDB {
public function connect() {
$mysqli = new mysqli($this->db['host'], $this->db['user'], $this->db['pass'], $this->db['name']);
$mysqli->set_charset("utf8mb4");
return $mysqli;
};
Upon executing the sql the program returns the error Incorrect string value: '\x99\xC1\xE8\x89u\'
Looking up this code I get solutions about setting the charset on the mysqli connection before sending the sql. But somehow that doesn't work.
Any ideas on how to resolve the incorrect string value error?
