hey i am still a novice and i need some help.
i have this function after update to encrypt the pass word, but i want that this function will only run whe the old and new value of this field are different.
function Credentials_after_update($data, $memberInfo, &$args){
$key = 'my super private key';
sql("update `Credentials` set `PASSWORD`= AES_ENCRYPT('{$data['PASSWORD']}', '$key') where `ID`='{$data['selectedID']}'", $eo);
return TRUE;
}
am grateful for suggestions
Compare Old and new Value of a Filed
-
- AppGini Super Hero
- Posts: 85
- Joined: 2014-06-14 03:08
- Location: India
- Contact:
Re: Compare Old and new Value of a Filed
I have an idea its bit different but will get your things done.
In before update
1. get old values from DB
2. Save old value in session
In after Update
1. Compare the new value and value in session.
2. Encrypt if the value is different.
3. unset the session value.
In before update
1. get old values from DB
2. Save old value in session
In after Update
1. Compare the new value and value in session.
2. Encrypt if the value is different.
3. unset the session value.
Re: Compare Old and new Value of a Filed
hey udayvatturi,
thanks for your response and excuse my novice question. The Idea is great but how do i save the old values to a session.
could you give me a hint by a example.
thx a lot
thanks for your response and excuse my novice question. The Idea is great but how do i save the old values to a session.
could you give me a hint by a example.
thx a lot
-
- AppGini Super Hero
- Posts: 85
- Joined: 2014-06-14 03:08
- Location: India
- Contact:
Re: Compare Old and new Value of a Filed
this logic will help you but what if the old value in DB is already encrypted? you may not be able to compare the encrypted data with normal text.
But surely there will be some alternatives.
But surely there will be some alternatives.
Re: Compare Old and new Value of a Filed
hello uday,
i can decrypt the stored value and compare the Values. But can you give me a example regardless of the encryption how to compare stored and Sessionbased Values.
thx
i can decrypt the stored value and compare the Values. But can you give me a example regardless of the encryption how to compare stored and Sessionbased Values.
thx
Re: Compare Old and new Value of a Filed
i have tried to do it this way but i get a white page when i open the Credentials page.
perhaps anybody has a idea
function Credentials_before_update(&$data, $memberInfo, &$args){
$key = 'my super private key';
// get the stored Passwordvalue of the record
$CurrentPassword=sqlValue("select aes_decrypt(PASSWORD,'$KEY') from Credentials where `ID`='{$data['selectedID']}'");
// get the new Passwordvalue of the record
$NewPassword='{$data['PASSWORD']}';
// check if the Password has changed
if($CurrentPassword != $NewPassword);
sql("update `Credentials` set `PASSWORD`= AES_ENCRYPT('{$data['PASSWORD']}', '$key') where `ID`='{$data['selectedID']}'", $eo);
return TRUE;
}
anyone got an idea how to
perhaps anybody has a idea
function Credentials_before_update(&$data, $memberInfo, &$args){
$key = 'my super private key';
// get the stored Passwordvalue of the record
$CurrentPassword=sqlValue("select aes_decrypt(PASSWORD,'$KEY') from Credentials where `ID`='{$data['selectedID']}'");
// get the new Passwordvalue of the record
$NewPassword='{$data['PASSWORD']}';
// check if the Password has changed
if($CurrentPassword != $NewPassword);
sql("update `Credentials` set `PASSWORD`= AES_ENCRYPT('{$data['PASSWORD']}', '$key') where `ID`='{$data['selectedID']}'", $eo);
return TRUE;
}
anyone got an idea how to
-
- AppGini Super Hero
- Posts: 54
- Joined: 2014-03-09 20:20
Re: Compare Old and new Value of a Filed
Several problems here.
1. In MySQL, 'PASSWORD' is a reserved word. You'll have to rename it to something like 'password_hash'.
2. Select Syntax is incorrect.
Should be-:
$CurrentPassword=sqlValue("SELECT aes_decrypt(password_hash,$key) FROM Credentials WHERE ID = '{$data['selectedID']}' ");
note that $key is already a string, so no need for quotes and the change to the name of the password field.
field: ID - no need for quotes.
3. Incorrect user of aes_decrypt. mySQL uses 128-bit aes, and you are using 256 bits in your php code. You are applying base64_encode() to convert PHP's binary result to text, whereas the MySQL result appears merely to be a hexadecimal representation of its binary result.
I suggest that you use the following script as an include. Available here: http://aesencryption.net/#PHP-aes-encryption-example
An example of using the class to is also shown.
1. In MySQL, 'PASSWORD' is a reserved word. You'll have to rename it to something like 'password_hash'.
2. Select Syntax is incorrect.
Should be-:
$CurrentPassword=sqlValue("SELECT aes_decrypt(password_hash,$key) FROM Credentials WHERE ID = '{$data['selectedID']}' ");
note that $key is already a string, so no need for quotes and the change to the name of the password field.
field: ID - no need for quotes.
3. Incorrect user of aes_decrypt. mySQL uses 128-bit aes, and you are using 256 bits in your php code. You are applying base64_encode() to convert PHP's binary result to text, whereas the MySQL result appears merely to be a hexadecimal representation of its binary result.
I suggest that you use the following script as an include. Available here: http://aesencryption.net/#PHP-aes-encryption-example
An example of using the class to is also shown.