Mysql insert problem

[monkeybidz]

This is the way o got this code:

 

$pass=$_POST['pass'];

$insert=mysql_query("insert into userlist values ('','$name','$email',AES_ENCRYPT('$pass','$mysecretkey'),now())");

 

In database password = password, it does not = pass

[alexander007]

INSERT INTO table_name (column1, column2,...)
VALUES (value1, value2,....)

[monkeybidz]

Well, it inserts evreything else except the $pass

[adza]

why not trying to store your encrypted string in the $pass variable first.. that way you won't be trying to insert a function into a db table field...

 

$pass = $_POST['pass'];

$secure_pass = AES_ENCRYPT($pass, $mysecretkey);

 

then insert $secure_pass into the table....

 

this is how i would try it, however i'm still rank n00b myself so, probably best taken with a grain of salt

[monkeybidz]

I will give it try. It makes sense.

[monkeybidz]

I get this error now:

Fatal error: Call to undefined function: aes_encrypt()

[darkfreaks]

AES_ENCRYPT is not a PHP function rather a MYSQL function

[monkeybidz]

Ok, i got it to post all the fields now, but now i need to encrypt the password and be able to decrypt. What i am posting here will only insert the secret key+password+secret key again, but is it safe?

 

$password=$mysecretkey.$_POST['pass'].$mysecretkey;

$insert=mysql_query("INSERT INTO `userlist` (id, name, email, password, startdate)VALUES('','$name','$email','$password',now())");