Logging in in PHP while logging data is AES encrypted

62
February 12, 2019, at 08:30 AM

My SQL table contains two types of data used to log in. First is email(In table named standard_name) and second is password. Because emails are AES encrypted using both key and IV(AES-256-CBC) there is not a chance that email encrypted in PHP file would be the same as the email encrypted in the past located in the database(Because IV generated for encrypting is never the same. That is why I hash password with md5. Since md5 hash is always the same I can query my database table by using password entered by user. But what if certain users have the same password. That is why logging only with password query would cause problems for the users. When I realised that I created a code which on first queries db using md5 hashed password then checks if email entered by user matches decrypted email from database and if not, it queries database another time but it is supposed to get only these records which do not have email already compared with entered one by user. And there is the problem. I do not know what $query5 should be. Can anybody tell me? Or maybe there is much easier way to deal with logging in while email is encrypted with AES. Here is my code:

 $lname = mysqli_real_escape_string($connect, $_POST['email']);
            $password2 = mysqli_real_escape_string($connect,  $_POST['password']);
function pad($data, $size) {
    $length = $size - strlen($data) % $size;
    return $data . str_repeat(chr($length), $length);
}
function unpad($data) {
    return substr($data, 0, -ord($data[strlen($data) - 1]));
}
function encrypt($data) {
$key = "SiadajerSiadajer";
$iv_size = 16; 
$iv = openssl_random_pseudo_bytes($iv_size, $strong);
$encryptedData = openssl_encrypt(pad($data, 16), 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
$joinedData = hex2bin(bin2hex($iv).bin2hex($encryptedData));
$encodedJoinedData = base64_encode($joinedData);
return $encodedJoinedData."\n"; 
}
function encrypt2($data) {
$hashed = md5($data);
return $hashed; 
}
 $password2 = encrypt2($password2); 
 echo $password2;
 echo $lname;
    $stmt3 = mysqli_stmt_init($connect);
      $query4 = "  
      SELECT standard_name FROM standard  
      WHERE standard_password = ?    
      "; 
if(!mysqli_stmt_prepare($stmt3, $query4)){
echo "Failed to authenticate";
} else {
    mysqli_stmt_bind_param($stmt3, "s", $password2);
    mysqli_stmt_execute($stmt3);
$result = mysqli_stmt_get_result($stmt3); } 
while($row = mysqli_fetch_object($result)){
    $email = $row->standard_name;
}
     $emaildecrypted = decrypt($email);
  if($emaildecrypted === $lname){
      echo "authentication successful"
  } else {
       $stmt4 = mysqli_stmt_init($connect);
      $query5 = "  
      SELECT standard_name FROM standard  
      WHERE standard_password = ? BUT NOT WHERE standard_name = ?    
      "; 
if(!mysqli_stmt_prepare($stmt4, $query5)){
echo "Failed to authenticate";
} else {
    mysqli_stmt_bind_param($stmt4, "ss", $password2, $email);
    mysqli_stmt_execute($stmt4);
$result = mysqli_stmt_get_result($stmt4); } 
while($row = mysqli_fetch_object($result)){
    $email2 = $row->standard_name;

}
  }
  $emaildecrypted2 = decrypt($email2);
  if($emaildecrypted === $lname){
      echo "authentication successful"
  } 
READ ALSO
How to setup a Linux development server using Docker to support multiple versions of PHP and MySQL

How to setup a Linux development server using Docker to support multiple versions of PHP and MySQL

I have many PHP projects, and each project requires different PHP and MySQL versionsI want to setup a Docker machine that runs multiple instances of the server with specific versions of PHP and MySQL

39
How to get unique records with join tables and without using group by

How to get unique records with join tables and without using group by

I want to get unique record from 2 tables without using Group By instead of i want to use DISTINCT because when i used group by it does not return last updated records

41
Convert NOT IN to LEFT JOIN

Convert NOT IN to LEFT JOIN

I have this query:

67