CakePHP: the rapid development php framework: CakeBot

Log message #4184155

#	At	Username	Text
#	Apr 23rd 2019, 15:32	josbeir	people always confuse encryption with hashing
#	Apr 23rd 2019, 15:32	neon1024	@josbeir `ctype_xdigit($value)`
#	Apr 23rd 2019, 15:32	josbeir	yes
#	Apr 23rd 2019, 15:32	josbeir	or you could decrypt it and compare that
#	Apr 23rd 2019, 15:32	neon1024	:P
#	Apr 23rd 2019, 15:32	neon1024	So I’ve filled my database with gibberish! :,(
#	Apr 23rd 2019, 15:32	josbeir	but you should be able to check if the string is encrypted using a specific cypher method
#	Apr 23rd 2019, 15:31	josbeir	so you will not be able to compare it
#	Apr 23rd 2019, 15:31	josbeir	security::encrypt produces an encrpyted string wich will be always random stuff, it does not produce a hash
#	Apr 23rd 2019, 15:31	neon1024	Which could well be how I’ve ended up in this hole
#	Apr 23rd 2019, 15:31	neon1024	This feels intentional to me, which means the hole is in my understanding of encryption
#	Apr 23rd 2019, 15:31	neon1024	The same results occur when using a CONST
#	Apr 23rd 2019, 15:29	phantomwatson	I mean. Maybe not having different results in _the same test_, but it's still worth checking.
#	Apr 23rd 2019, 15:28	phantomwatson	If your test system is creating random configuration values for every test, that could explain it.
#	Apr 23rd 2019, 15:28	phantomwatson	Try doing it the other way. Use a variable as your second parameter instead of a method call.
#	Apr 23rd 2019, 15:27	phantomwatson	Even a hash function shouldn't produce different results every time.
#	Apr 23rd 2019, 15:27	neon1024	It uses Configure::read
#	Apr 23rd 2019, 15:26	phantomwatson	The obvious place to look is your parameters. Are you calling `Configure::read()` every time, or are you saving the output to a `$key` variable and reusing that variable?
#	Apr 23rd 2019, 15:26	neon1024	This means, in my limited understanding, that Security::encrypt is working more like a hash
#	Apr 23rd 2019, 15:25	neon1024	Yes, I’m using 3.7.6
#	Apr 23rd 2019, 15:25	neon1024	You can see here running the same test case file twice, gives different results
#	Apr 23rd 2019, 15:25	phantomwatson	Is this CakePHP 3?
#	Apr 23rd 2019, 15:24	neon1024	Nope, it’s a closed source project
#	Apr 23rd 2019, 15:24	phantomwatson	@neon1024, is your code online for us to look through? That's a weird problem.
#	Apr 23rd 2019, 15:24	neon1024	Yeah it seems, having used a unit test, that every time you call encrypt it returns a different value even with the same input and key
#	Apr 23rd 2019, 15:02	neon1024	When I try in the `bin/cake console` it just quits to command line
#	Apr 23rd 2019, 14:59	neon1024	Why is it that when I use `Security::encrypt($value, Configure::read('encryption.key'))` the output is different every time, even when `$value` doesn’t change?
#	Apr 23rd 2019, 09:51	neon1024	Or if they’re related you can traverse the table associations
#	Apr 23rd 2019, 09:42	edgaras.jan	https://book.cakephp.org/3.0/en/controllers.html#loading-additional-models
#	Apr 23rd 2019, 09:42	COOurb	yeah, thnx
#	Apr 23rd 2019, 09:42	edgaras.jan	add $this->loadModel('Users'), then you'll be able to use $this->Users
#	Apr 23rd 2019, 09:40	COOurb	I forgot how to use other tables in controller
#	Apr 23rd 2019, 09:39	edgaras.jan	$usersquery = $users->find(); $query = $articles->find()->where(['field IN' =>$usersquery]);
#	Apr 23rd 2019, 09:38	edgaras.jan	use another query in place of array
#	Apr 23rd 2019, 09:36	COOurb	I can do it in sql then parse, but I wanna use Paginator features
#	Apr 23rd 2019, 09:36	COOurb	like "select * from tab1 where tab1.field1 in (select field2 from tab2)"?
#	Apr 23rd 2019, 09:35	COOurb	what if my array is slection from other table?
#	Apr 23rd 2019, 09:35	edgaras.jan	without IN, array won't be accepted
#	Apr 23rd 2019, 09:34	edgaras.jan	where(['field IN' => [1, 2, 3]])
#	Apr 23rd 2019, 09:33	kgb.acct.personal	'field' => [1, 2, 3]
#	Apr 23rd 2019, 09:33	kgb.acct.personal	You just pass an array as value