So this is beeing kind of tricky for me, like it says in the title im trying to make the program so when you try to input an email that alrady is in the database it gives you an error, it sounds simple enough but i have tried at least a docen times and when i try it out it just doesn’t return nothing and still registers the email as a new account in the DB, there’s not even an error message (i checked) so something must be really wrong. I dont know how else i can do this. I have never done criptography before and i dont really know what im doing.
If you also have any tips or documentation that can help me get better ill appreciate it.
All my code is in PHP
The cipher method im using is AES-128-GMC
There may say cypher insted of cipher in some functions its just that i changed some variable names to make it more understandable in english and some might have slipped.
Register.php
This is in the register.php after the form
if (isset($_POST['register_user'])){
$hashed_password = password_hash($_POST["password"], PASSWORD_DEFAULT);
//cipher the data
$cipher_name = cipherData($_POST["name"]);
$cipher_lastname = cipherData($_POST["lastname"]);
$cipher_email = cipherData($_POST["email"]);
//function to compare the input email with the ones in the DB
$email_checked=$db->checkEmail($_POST["email"]);
if($email_checked == true){
echo"The email is already registered";
}else{
if(isset($_POST['is_admin'])){
$db->registerUser($cipher_name ,$cipher_lastname ,$cipher_email ,1,$hashed_password);
}else{
$db->registerUser($cipher_name ,$cipher_lastname ,$cipher_email ,0,$hashed_password);
}
}*/
header('register.php');
}
function checkEmail()
Here is the checkEmail function, this funtion is inside the connection.php
public function checkEmail($email_input) {
$users= $this->resultQueryToJSON(
"SELECT user_id
FROM t_user",
['user_id']
);
foreach($users as $row_user){
$get_emails= $this->resultQueryToJSON(
"SELECT user_email
FROM t_user
WHERE user_id = '".$row_user['user_id']."'",
['user_email']
);
$email = $get_emails[0]['user_email'];
//I decipher the email so i can compare them
$email_guardado= decipherData($email);
if ($email_guardado == $email_input){
return true;
}
}
}
function decipherData()
This is the decipherData function
function decipherData($cipher_data){
global $cipher;
global $tag;
global $key;
if (in_array($cipher, openssl_get_cipher_methods())){
//this was set up in the cipherData function
list($cipher_data, $iv) = explode('::', base64_decode($cipher_data), 2);
$decipher_data= openssl_decrypt($cipher_data, $cipher, $key, $options=0, $iv, $tag);
return $decipher_data;
}
}
Just beacuse i hate when there is a funtion that is not explained in the post here is the cipherData funtion in case it helps to claryfy what im doing
function cipherData($data){
global $cipher;
global $tag;
global $key;
if (in_array($cipher, openssl_get_cipher_methods())&& isset($data)){
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($cipher));
$cipher_data= openssl_encrypt($data, $cipher, $key, $options=0, $iv, $tag);
return base64_encode($cipher_data . '::' . $iv);
}else{
echo'Cipher Error';
}
}```
Thank you all
JGEst02 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.