cerin Posted February 25, 2006 Share Posted February 25, 2006 I have successfully encoded some text using the Encode command referred to [a href=\"http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html\" target=\"_blank\"]here[/a]. Now, I am trying to decode the string I just encoded. I don't see what exactly I have to pass as the arguement "crypt_str" or at least how to identify it without typing the encoded text. I have tried stuff like [code]WHERE userid='username' SET password=DECODE(tons of tried things here,'password');[/code]I seems to me that MySQL has syntax with zero flexibility. Quote Link to comment https://forums.phpfreaks.com/topic/3595-encodedecode/ Share on other sites More sharing options...
wickning1 Posted February 25, 2006 Share Posted February 25, 2006 To encode something:UPDATE table SET passwordcolumn = ENCODE("thePassword", "yourSalt") WHERE id=1;To decode it:SELECT DECODE(passwordcolumn, "yourSalt") FROM table WHERE id=1;You must choose a salt, that is your secret key for decoding the string. If there was no secret key, and all you had to do to decode it was say DECODE(passwordcolumn), then anybody could do it, and there'd be no point encrypting it. Clear? Quote Link to comment https://forums.phpfreaks.com/topic/3595-encodedecode/#findComment-12483 Share on other sites More sharing options...
cerin Posted February 26, 2006 Author Share Posted February 26, 2006 Ok, I've got that down. Thanks for the help. Can I make the password column auto encode data inserted into it? Quote Link to comment https://forums.phpfreaks.com/topic/3595-encodedecode/#findComment-12532 Share on other sites More sharing options...
wickning1 Posted February 26, 2006 Share Posted February 26, 2006 You'd have to store the salt in MySQL, which would compromise it. Quote Link to comment https://forums.phpfreaks.com/topic/3595-encodedecode/#findComment-12539 Share on other sites More sharing options...
fenway Posted February 26, 2006 Share Posted February 26, 2006 For passwords, you might as well store the MD5-encrypted string -- just make sure to encode it on the PHP side. Quote Link to comment https://forums.phpfreaks.com/topic/3595-encodedecode/#findComment-12547 Share on other sites More sharing options...
cerin Posted February 28, 2006 Author Share Posted February 28, 2006 Can I make it so that when I select and decode, so that the column with the decoded password isn't named "DECODE(passwordcolumn,'pass')"? Quote Link to comment https://forums.phpfreaks.com/topic/3595-encodedecode/#findComment-13148 Share on other sites More sharing options...
wickning1 Posted February 28, 2006 Share Posted February 28, 2006 Yes, use an alias.[code]SELECT DECODE (passwordcolumn, 'pass') as pwd FROM table[/code]Then in PHP you'd be able to access it with $row['pwd'] Quote Link to comment https://forums.phpfreaks.com/topic/3595-encodedecode/#findComment-13153 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.