CODEWITHSUNDEEP
phpmysqlencryptionunicode
Cody J. Mathis
Cody J. Mathis

Reputation: 652

Western and Unicode Characters in PHP Crypt Method

I'm using a simple method of modifying a password so that it is not stored in plain text. This is on a production database and application and it has worked up until switching from Windows Server 2003 to 2012. 

private function simpleCrypt($password) {

    $text = strtoupper(trim($password));
    $chars = str_split($text);
    $password2 = '';

    foreach ($chars as $char) {
        $asciivalue = ord($char);


        if ($asciivalue < 128) {
            $newasciivalue = $asciivalue + 128;
            $newchar = chr($newasciivalue);
            $password2 = $password2 . $newchar;

        } elseif ($asciivalue > 128) {

            $newasciivalue = $asciivalue - 128;
            $newchar = chr($newasciivalue);
            $password2 = $password2 . $newchar;

        }
    }


    return $password2;
}

When ever my password gets ran through this script it shows me a result of �� vs the actual encoded password that was generated by the other system on 2003. It shows correct "western" characters. If I use Firefox and change text encoding to western however it shows me the correct database representation of the password. I've tried adding meta to my header on the login page thinking that it would correct this but I get the same result. 

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">

Upvotes: 1

Views: 159

Answers (3)

Rick James
Rick James

Reputation: 142453

Those black diamonds usually come from having non-utf8 bytes in your client and not telling MySQL what encoding you have.

Encryption should not be stored in VARCHAR; rather VARBINARY or BLOB.

See UTF-8 all the way through

Upvotes: 0

Cody J. Mathis
Cody J. Mathis

Reputation: 652

Just needed to return as UTF8.

Here is the full script. 

private function simpleCrypt($password) {

    $text = strtoupper(trim($password));
    $chars = str_split($text);
    $password2 = '';

    foreach ($chars as $char) {
        $asciivalue = ord($char);


        if ($asciivalue < 128) {
            $newasciivalue = $asciivalue + 128;
            $newchar = chr($newasciivalue);
            $password2 = $password2 . $newchar;

        } elseif ($asciivalue > 128) {

            $newasciivalue = $asciivalue - 128;
            $newchar = chr($newasciivalue);
            $password2 = $password2 . $newchar;

        }
    }

    return mb_convert_encoding(($password2), 'utf8');
}

Upvotes: 0

Mike Miller
Mike Miller

Reputation: 3129

Try

$text = mb_convert_encoding(strtoupper(trim($password)),'iso-8859-1');

Upvotes: 1

Related Questions