blackhatguy
New Member
I was wondering what is the most secure way to retrieve encrypted data from mysql database....When I store say the encrypted password "encrypt('12345')" it is stored as 'cp9pDkjkCWZSggHCdT2wg='... I was wondering what is the correct and most secure way to retrieve the data? for example, when verifying whether the password a user entered is correct, is smart to run a comparison between the two encrypted versions of the passwords? Also, is it a good practice to encrypt data such as e-mails, usernames, first/last names, etc... or just passwords, credit card info, etc...?This is the encryption method I am using...\[code\]function encrypt($text) { return trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, SALT, $text, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)))); } function decrypt($text) { return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, SALT, base64_decode($text), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))); } \[/code\]