Zulu
Posts: 33
|
| Posted: 09/11/2004, 7:00 AM |
|
I would like to store a text in encryped format and validate the user input with the decrypted text. What is the safest method in php to do this. Do I have to write down my own encryption/decryption method or php has any built-in fucntion/procedure to do that?
|
 |
 |
fsibaja
Posts: 10
|
| Posted: 09/12/2004, 3:00 PM |
|
What exactly do you want to do? To store passwords or something like that?
If you want to store "encrypted" password use md5, but this actually is not encryption so you cannot obtain the original string from the hash code .
_________________
Fernando Sibaja |
|
|
|
Zulu
Posts: 33
|
| Posted: 09/13/2004, 5:54 AM |
|
There is a table of account recharge that stores card information with card ID and card PIN. I would like to store the values which are merely text fields in encrypted form. When the user inputs these ID and PIN they input the actual ones. The php script should be able to validate these inputs with table's ones.
I guess now u know what and why. You just tell me how
|
|
|
|
fsibaja
Posts: 10
|
| Posted: 09/13/2004, 7:58 AM |
|
Ok, so you don't need to decrypt anything later.
Use md5.
When you'll insert save the md5, no the string. And when you make the select compare against the md5 code.
When you insert, modify the custom insert like this.
Set the parameter type to expression, and write something like this:
md5($this->PIN->GetValue()) /* this ocurrs inside a record function */
The same for the select.
Regardas
_________________
Fernando Sibaja |
|
|
|
Zulu
Posts: 33
|
| Posted: 09/13/2004, 11:45 AM |
|
Sorry, I think did not make myself clear to you. I would like to use registration cards for the users to access my site. The physical card contains a 19 charcater ID no. and PIN printed on it.
my cards table contains the following fields
CID - that contains card id and CPIN - that contains the card PIN. The printed card will contain say "1111-2222-3333-4444" as CID and "AAAA-BBBB-CCCC-DDDD" as CPIN. in the table I would like to store these values in encrypted form - for this example may be as "a876-sdas-sd2q" as CID and "poip-uyt1-bmn1" as CPIN. Users input the values written on the printed card. From my page I would like to validate these values with the decrypted values stored in table. I need an encrypting and an decrypting function to do that.
Did I get it right this time?
|
|
|
|
zebediah
|
| Posted: 09/20/2004, 8:19 AM |
|
the procedure is something like this:
storing the CID and CPIN
------------------------------------
encrypt(CID) -> store encrypted value in table
encrypt(CPIN) -> store encrypted value in table
checking user input
---------------------------
encrypt(CID<-input by user)-> compare with encrypted stored value (is it same? OK)
encrypt(CPIN<-input by user)->compare with encrypted stored value (is it same? OK)
so, you never decrypt (no way) you just check two encrypted values (if they are the same then the originals are the same also)
|
|
|
|
Zulu
Posts: 33
|
| Posted: 09/20/2004, 8:31 AM |
|
Thanks. can we use then the md5 function. will it work?
|
|
|
|
