Jump to content

Archived

This topic is now archived and is closed to further replies.

OLM3CA

md5 function

Recommended Posts

hi again
i want to crypte the id's of news with md5
my code :
                  [code]while ($row = mysql_fetch_array($result)) {

echo "<a href='news.php?newsID=".$row['id']."'>".$row['title']."</a>";  }[/code]

i made it like this :
[code]echo "<a href='news.php?newsID=".[color=red]md5($row['id'])[/color]."'>".$row['title']."</a>";[/code]
its okey the link is shown like this .....news.php?newsID=sad56asdasfda65dg76g326ge76gb6dsa
but when I click the link,I have an error :

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in ....
am I need to change anything in the SQL query ?
and my query :

        [code]$query = "SELECT title,id FROM newss LIMIT 0, 12";
$result = mysql_db_query("xxxx",$query);
[/code]

Share this post


Link to post
Share on other sites
Query looks fine for me, but is your news table actually spelt as newss (note the extra s).

Share this post


Link to post
Share on other sites
oh sorry I forgot the real point i open the link in an other page links are on the index.php but when i click the link opening in news.php am i need to change anything on this page ?

//Links are opened in this page
[code]$query2="SELECT * FROM newss WHERE id=$newsID";
$result2= mysql_db_query("xxxx",$query2);

while ($row2 = mysql_fetch_array($result2)) {
         
            echo $row2['title'];
            echo $row2['metin'];
}[/code]

there is no problem with the newss  double s

Share this post


Link to post
Share on other sites
It seems to me like you:

1) Fetch a regular id from a db.
2) Md5 it, pass it to news.php.
3) Use it (MD5'd  ???) to fetch a record from the table.

If so, it's pretty obvious why it doesn't work, wouldn't you agree?

Your query is not returning any results, as there are no records with an id like sad56asdasfda65dg76g326ge76gb6dsa...

Share this post


Link to post
Share on other sites
sorry ı dont exactly understand you 448191 my english is not good enough but let me explain

the codes and queries that ı post in my first message is in index page
md5 it and send it to news.php  there is a code like this in news.php

[code]if(newsID) {

$query2="SELECT * FROM newss WHERE id=$newsID";
$result2= mysql_db_query("xxxx",$query2);

while ($row2 = mysql_fetch_array($result2)) {
         
            echo $row2['title'];
            echo $row2['metin'];
} }[/code]

i think the problem is the query in news.php doesnt recognise the md5 code for newsID ??

Share this post


Link to post
Share on other sites
Of course it doesn't. It's a completely different string! If you want to encrypt id's, you have to either store them encrypted, or use a method that allows for decryption.

If you can read Dutch, I can explain it to you in Dutch, otherwise I think I'll have someone else have a go.

Share this post


Link to post
Share on other sites
not dutch can you tell me what should ı do in english

Share this post


Link to post
Share on other sites
i don't understand [i]why[/i] you're wanting to md5() the id.  is it a unique id number for a post or something like that in your database?  what is the problem with people seeing the id number?

anyway, i'll use this example to show you why it's not working.

keep in mind first that you cannot UN-md5()!

let's say you have a database with the following:
table name = "news"
[table]
[tr]
[td]id (unique)[/td]
[td]title[/td]
[td]text[/td]
[/tr]

[tr]
[td]1[/td]
[td]Headline[/td]
[td]This is the article text.  Blah...[/td]
[/tr]

[/table]

now you have an html page which shows a link to this article (you use a php script, but i'm using this just for an example).  the link points to a php script and passes parameters (GET - ?id=#) and that script looks up and shows the data from the table.

html:
[code]<a href="lookup_news.php?id=1">Headline</a>[/code]

lookup_news.php:
[code]$query = "SELECT * FROM news WHERE id = $_GET['id']";[/code]

this works fine.  now look at what happens if you md5() the id "1":
[code]<a href="lookup_news.php?id=c4ca4238a0b923820dcc509a6f75849b">Headline</a>[/code]

so nobody can see your id, right?  the problem comes in lookup_news.php.

the value you passed in the first example made $_GET['id'] = "1" which matches up with the entry in your database.  however this time around $_GET['id'] = "c4ca4238a0b923820dcc509a6f75849b".

so when you look up SELECT * FROM news WHERE id = "c4ca4238a0b923820dcc509a6f75849b" it won't return any results because the id is 1, not md5("1") (c4ca4238a0b923820dcc509a6f75849b).

there are several ways to solve this.  first, if you don't absolutely [i]need[/i] to hide the id, then don't.  a better way to hide the id from the address bar is to use mod_rewrite, which i won't get into here.

if it's necessary that you use md5() to hide the id, then you must store the id in the database as the md5(id).  you need your database to look like this:
table name = "news"
[table]
[tr]
[td]id (unique)[/td]
[td]title[/td]
[td]text[/td]
[/tr]

[tr]
[td]c4ca4238a0b923820dcc509a6f75849b[/td]
[td]Headline[/td]
[td]This is the article text.  Blah...[/td]
[/tr]

[/table]


this is achieved by changing the script that [i]inserts[/i] those news entries into the database.

for instance:

[code]
$title = "Headline";
$text = "This is the article text. Blah...";
$id = "1";
$new_id = md5($id);
[/code]

and insert the $new_id instead of the $id, so that it stores the md5'd version of the id instead of the original "1".  then you can perform a lookup with the md5'd id in the html/php and it will return the result you desire.

i hope that answers your question.  it basically boils down to the fact that there is no way to UN-md5 the id after you send it to the php script.  either the id you send and the id in the database have to BOTH be md5() or NEITHER.  i think you can see that php and mysql will not say that 1 = c4ca4238a0b923820dcc509a6f75849b

Share this post


Link to post
Share on other sites
Thank you very much its not the point that i want to hide id i want to know somethıng else about the md5 and i got it from your text thank you and thank you other repliers for my message.This really helps me and i understand where to you md5  ;)

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.