simple md5 question

[fife]

Hi.  I have an ID in md5 format but in the database its not.  I pass the md5 ID to a page and then I am trying to load the correct record via a look up in the database of that ID.  Im wondering is this code possible?

 

 

<?php $query = mysql_query("SELECT * FROM table WHERE ".md5(tableID)." = $ID"); ?>

 

Thanks

[Pikachu2000]

What happened when you tried it?

[fife]

Sorry for late reply guys.  Im in work.  Yes when I ran the query I had this error.....

 

Unknown column '8244100d2bc069d6d4c6e3d8f984c6de' in 'where clause'

[xyph]

No. MD5 is a one-way hash. You can't get the ID back from the hash without a look-up table

[fife]

so this is not possible then as the ID in the data base is not in md5?

 

<?php
$ID = md5($ID);

$query = mysql_query("SELECT * FROM table WHERE ".md5(tableID)." = $ID");




?>

[PFMaBiSmAd]

If $ID is an md5 value, it is a string and needs to be enclosed in single-quotes in the query statement. If tableID is a column in your table, you cannot use php's md5() function on the value, you must use mysql's md5 function on the value inside the query statement.

 

$query = mysql_query("SELECT * FROM table WHERE md5(tableID) = '$ID'");

[xyph]

That query will cause MySQL to perform an MD5 on every row in your table. This is generally a very bad idea.

 

That is how you'd want to form your query though.