I hash my passwords like so;
hash('sha256', $_POST['password'], date('y/m/d'))
Now say a password that is 'aaa' enters my mysql table like so;
˜4‡mÏ°\±g¥ÂIS륌JÈ›ßWò/ ¯~èð
Now when I go in to edit anything on that row, it will disregard some characters and change it to something along the lines of;
˜4‡mÏ°\±g¥ÂIS륌JÈ›
I have tried changing all the unicode settings for the mysql connection, the database, tables, and the individual row. I am using PDO, and InnoDB.
Am I doing something daft?!?
Thanks.
The prototype of the hash function is:
string hash ( string $algo , string $data [, bool $raw_output = false ] )
You're passing date('y/m/d') as the third argument, resulting in binary output, as the string is interpreted as true.
You probably want hex output. You should drop that third argument. You probably wanted to integrate the date into the field somehow, which requires concatenation.
make sure your column has a binary type, or convert your hash to a hex string before inserting it in your db (bin2hex(hash('sha256', …, …));)
Am I doing something daft?!?
Yes. You shouldn't really edit a set of bytes manually in phpMyAdmin. It's not a string, you know.
To ensure the data is ok in DB, ensure your column is of BINARY type and always insert it escaped with mysql_real_escape_string.