Re: [PHP] occasional mcrypt problems
As you have magic_quotes on, automatically happens *addslashes*, now you need to reverse the proces Steve Yates wrote: Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... try $_POST['Credit_Card_Number']=stripslashes($_POST['Credit_Card_Number']); But if magic_quotes_gpc=on shouldn't that happen automatically? - Steve Yates - Brainstorm? No, but I had a braindrizzle once. ~ Taglines by Taglinator - www.srtware.com ~ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] occasional mcrypt problems
Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... As you have magic_quotes on, automatically happens *addslashes*, now you need to reverse the proces I think I see where you're going, but I'm not sure that's the correct avenue here. If slashes from magic_quotes were in the string before encryption, wouldn't they be in the string after decryption? Why would that result in data corruption? Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... $_POST['Credit_Card_Number']=stripslashes($_POST['Credit_Card_Number']); - Steve Yates - WORK HARDER!... Millions on welfare depend on YOU!!! ~ Taglines by Taglinator - www.srtware.com ~ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] occasional mcrypt problems
try $_POST['Credit_Card_Number']=stripslashes($_POST['Credit_Card_Number']); Steve Yates wrote: Hello, I recently implemented a database using MySQL that is storing selected fields encrypted. However on a very small number of records the decrypted result is not correct for some fields, for example for this credit card number: -99-ÏF¡hßxø It appears in fact the same way as the problem I first experienced, when the database field was not big enough to store the encrypted text (which I discovered takes a multiple of the blocksize, so it is usually bigger than the original string). However the blocksize is 8 and to provide a safety margin all the fields to be encrypted have 10 extra characters in them (varchar fields). So far this happens on at most one field in a record, perhaps on less than 5% of the records. At first I was thinking maybe the addslashes() was adding text but MySQL should be stripping that out before entering it into the database, right? Also I can't seem to duplicate this by entering the same values in the form again. Any suggestions? Here is my encryption code: $hrkey = '$R^a$nd()M%'; // changed text $td = mcrypt_module_open(MCRYPT_TRIPLEDES,'', MCRYPT_MODE_ECB, ''); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), 99); //changed the number $ks = mcrypt_enc_get_key_size ($td); $key = substr(md5($hrkey), 0, $ks); mcrypt_generic_init($td, $key, $iv); $CreditCardNumber = addslashes(mcrypt_generic($td, $_POST['Credit_Card_Number'])); (...post to database here...) mcrypt_module_close($td); Decryption code: function mydecrypt($enc) { global $td; return rtrim(mdecrypt_generic($td, $enc), \0); } Thanks for any insight! - Steve Yates - ASCII stupid question, get a stupid ANSI. ~ Taglines by Taglinator - www.srtware.com ~ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] occasional mcrypt problems
Marek Kilimajer [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... try $_POST['Credit_Card_Number']=stripslashes($_POST['Credit_Card_Number']); But if magic_quotes_gpc=on shouldn't that happen automatically? - Steve Yates - Brainstorm? No, but I had a braindrizzle once. ~ Taglines by Taglinator - www.srtware.com ~ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php