I am really new at PHP and I'm trying to add a value to data base using this code. I tried to echo all of the tags and everything worked except it doesn't show up in my data base. I had all that working as well till I added the encryption part. I already found that if I used MCRYPT_RAND instead of MCRYPT_DEV_URANDOM it seemed to work better. Something tells me it might just be a simple error that I can't find. Any tips on how to find this error or answers appreciated.
<?php
$account = "$_REQUEST[Account]";
$password = "$_REQUEST[Password]";
$pin = "$_REQUEST[Pin]";
$date = "$_REQUEST[Date]";
$username1 = "$_REQUEST[Username]";
$store1 = "$_REQUEST[Store]";
$category1 = "$_REQUEST[Category]";
$amount1 = "$_REQUEST[Amount]";
$bankaccount1 = "$_REQUEST[BankAccount]";
$notes1 = "$_REQUEST[Notes]";
$millisecond = "$_REQUEST[MilliSecond]";
$sqlaccounts = mysql_connect("localhost", "root", "")
or die (mysql_error());
mysql_select_db("bumblebeesaccounts", $sqlaccounts);
$sql = "SELECT * FROM `users` WHERE `account` = '$account'";
$result = mysql_query($sql, $sqlaccounts);
$verify_account = mysql_fetch_assoc($result);
$key = $verify_account['salt'];
$username = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $username1, MCRYPT_MODE_ECB);
$store = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $store1, MCRYPT_MODE_ECB);
$category = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $category1, MCRYPT_MODE_ECB);
$amount = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $amount1, MCRYPT_MODE_ECB);
$bankaccount = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $bankaccount1, MCRYPT_MODE_ECB);
$notes = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $notes1, MCRYPT_MODE_ECB);
$sqlconnect = mysql_connect("localhost", "root", "")
or die (mysql_error());
mysql_select_db("bumblebeesbudgetapp", $sqlconnect);
$sqlinsert = "INSERT INTO `bob` (`id`, `date`, `username`, `store`, `category`, `amount`, `bank account`, `notes`, `millisecond`, `receiptpicture`)
VALUES (NULL, '$date', '$username', '$store', '$category', '$amount', '$bankaccount', '$notes', '$millisecond', '')";
mysql_query($sqlinsert, $sqlconnect);
echo $username;
echo mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $username, MCRYPT_MODE_ECB);
?>
I got it going now. The biggest change that i made is I base64 encrypted all the mcyrpt data.
$username = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $username1, MCRYPT_MODE_ECB));
$store = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $store1, MCRYPT_MODE_ECB));
$category = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $category1, MCRYPT_MODE_ECB));
$amount = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $amount1, MCRYPT_MODE_ECB));
$bankaccount = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $bankaccount1, MCRYPT_MODE_ECB));
$notes = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $notes1, MCRYPT_MODE_ECB));
To get values from associative array like $_REQUEST you should change the using of qoutes from
...
$account = "$_ REQUEST[account]";
...
to
...
$account = $_REQUEST["account"];
...
I think the column id is a primary key, isn't it? So it couldn't be null. If its an autoincrement column, you could leave the value:
$sqlinsert = "INSERT INTO `bob` (`date`, `username`, `store`, `category`, `amount`, `bank account`, `notes`, `millisecond`, `receiptpicture`)
VALUES ('$date', '$username', '$store', '$category', '$amount', '$bankaccount', '$notes', '$millisecond', '')";