how to use my md5 function in a query?

[cluce]

my code works great. The little problem I have is its not returning the password only the hash form of it. Can someone show me where to insert the md5 function. I tried everywhere I can think of...

 

    //create and issue the query
    $sql = "SELECT username, password FROM auth_users WHERE email = '".$_POST["email"]."' LIMIT 1";
    $res = mysqli_query($mysqli, $sql); 
$bodyArr = mysqli_fetch_array($res);
    	
    $to = $_POST["email"];
$subject = "Account Information";
    $body = "Username: " . $bodyArr['username'] . "\nPassword: " . $bodyArr['password'];

mail ($to, $subject, $body);

[hitman6003]

I'm assuming that you are trying to email the user their password...like a "Forgot your password" thing...

 

md5 is a one way hash.  In other words, you can't reverse it and get the original string back.

 

The easiest thing to do is to reset the user's password for them and email it to them.

[per1os]

Another option is create your own hashing protocol with a seed. If you have the seed you can "decrypt" the hash. There are plenty of functions that will encrypt and decrypt already made. www.php.net/md5

 

Alexander Valyalkin

30-Jun-2004 04:41

Below is MD5-based block cypher (MDC-like), which works in 128bit CFB mode. It is very useful to encrypt secret data before transfer it over the network.

$iv_len - initialization vector's length.

0 <= $iv_len <= 512

 

<?php

 

function get_rnd_iv($iv_len)

{

    $iv = '';

    while ($iv_len-- > 0) {

        $iv .= chr(mt_rand() & 0xff);

    }

    return $iv;

}

 

function md5_encrypt($plain_text, $password, $iv_len = 16)

{

    $plain_text .= "\x13";

    $n = strlen($plain_text);

    if ($n % 16) $plain_text .= str_repeat("\0", 16 - ($n % 16));

    $i = 0;

    $enc_text = get_rnd_iv($iv_len);

    $iv = substr($password ^ $enc_text, 0, 512);

    while ($i < $n) {

        $block = substr($plain_text, $i, 16) ^ pack('H*', md5($iv));

        $enc_text .= $block;

        $iv = substr($block . $iv, 0, 512) ^ $password;

        $i += 16;

    }

    return base64_encode($enc_text);

}

 

function md5_decrypt($enc_text, $password, $iv_len = 16)

{

    $enc_text = base64_decode($enc_text);

    $n = strlen($enc_text);

    $i = $iv_len;

    $plain_text = '';

    $iv = substr($password ^ substr($enc_text, 0, $iv_len), 0, 512);

    while ($i < $n) {

        $block = substr($enc_text, $i, 16);

        $plain_text .= $block ^ pack('H*', md5($iv));

        $iv = substr($block . $iv, 0, 512) ^ $password;

        $i += 16;

    }

    return preg_replace('/\\x13\\x00*$/', '', $plain_text);

}

 

/******************************************/

$plain_text = 'very secret string';

$password = 'very secret password';

echo "plain text is: [${plain_text}]<br />\n";

echo "password is: [${password}]<br />\n";

 

$enc_text = md5_encrypt($plain_text, $password);

echo "encrypted text is: [${enc_text}]<br />\n";

 

$plain_text2 = md5_decrypt($enc_text, $password);

echo "decrypted text is: [${plain_text2}]<br />\n";

 

?>

[cluce]

oh OK. I was wondering what reversed meant. Thanks for clearing that up.

[cluce]

that function looks complicated.