# |
Apr 23rd 2019, 15:34 |
josbeir |
yeah, i get that |
# |
Apr 23rd 2019, 15:33 |
neon1024 |
I certainly didn’t, but I did totally miss the fact that encryption does not produce consistant output |
# |
Apr 23rd 2019, 15:32 |
josbeir |
people always confuse encryption with hashing |
# |
Apr 23rd 2019, 15:32 |
neon1024 |
@josbeir `ctype_xdigit($value)` |
# |
Apr 23rd 2019, 15:32 |
josbeir |
yes |
# |
Apr 23rd 2019, 15:32 |
josbeir |
or you could decrypt it and compare that |
# |
Apr 23rd 2019, 15:32 |
neon1024 |
:P |
# |
Apr 23rd 2019, 15:32 |
neon1024 |
So I’ve filled my database with gibberish! :,( |
# |
Apr 23rd 2019, 15:32 |
josbeir |
but you should be able to check if the string is encrypted using a specific cypher method |
# |
Apr 23rd 2019, 15:31 |
josbeir |
so you will not be able to compare it |
# |
Apr 23rd 2019, 15:31 |
josbeir |
security::encrypt produces an encrpyted string wich will be always random stuff, it does not produce a hash |
# |
Apr 23rd 2019, 15:31 |
neon1024 |
Which could well be how I’ve ended up in this hole |
# |
Apr 23rd 2019, 15:31 |
neon1024 |
This feels intentional to me, which means the hole is in my understanding of encryption |
# |
Apr 23rd 2019, 15:31 |
neon1024 |
The same results occur when using a CONST |
# |
Apr 23rd 2019, 15:29 |
phantomwatson |
I mean. Maybe not having different results in _the same test_, but it's still worth checking. |
# |
Apr 23rd 2019, 15:28 |
phantomwatson |
If your test system is creating random configuration values for every test, that could explain it. |
# |
Apr 23rd 2019, 15:28 |
phantomwatson |
Try doing it the other way. Use a variable as your second parameter instead of a method call. |
# |
Apr 23rd 2019, 15:27 |
phantomwatson |
Even a hash function shouldn't produce different results every time. |
# |
Apr 23rd 2019, 15:27 |
neon1024 |
It uses Configure::read |
# |
Apr 23rd 2019, 15:26 |
phantomwatson |
The obvious place to look is your parameters. Are you calling `Configure::read()` every time, or are you saving the output to a `$key` variable and reusing that variable? |
# |
Apr 23rd 2019, 15:26 |
neon1024 |
This means, in my limited understanding, that Security::encrypt is working more like a hash |
# |
Apr 23rd 2019, 15:25 |
neon1024 |
Yes, I’m using 3.7.6 |
# |
Apr 23rd 2019, 15:25 |
neon1024 |
You can see here running the same test case file twice, gives different results |
# |
Apr 23rd 2019, 15:25 |
phantomwatson |
Is this CakePHP 3? |
# |
Apr 23rd 2019, 15:24 |
neon1024 |
Nope, it’s a closed source project |
# |
Apr 23rd 2019, 15:24 |
phantomwatson |
@neon1024, is your code online for us to look through? That's a weird problem. |
# |
Apr 23rd 2019, 15:24 |
neon1024 |
Yeah it seems, having used a unit test, that every time you call encrypt it returns a different value even with the same input and key |
# |
Apr 23rd 2019, 15:02 |
neon1024 |
When I try in the `bin/cake console` it just quits to command line |
# |
Apr 23rd 2019, 14:59 |
neon1024 |
Why is it that when I use `Security::encrypt($value, Configure::read('encryption.key'))` the output is different every time, even when `$value` doesn’t change? |
# |
Apr 23rd 2019, 09:51 |
neon1024 |
Or if they’re related you can traverse the table associations |
# |
Apr 23rd 2019, 09:42 |
edgaras.jan |
https://book.cakephp.org/3.0/en/controllers.html#loading-additional-models |
# |
Apr 23rd 2019, 09:42 |
COOurb |
yeah, thnx |
# |
Apr 23rd 2019, 09:42 |
edgaras.jan |
add $this->loadModel('Users'), then you'll be able to use $this->Users |
# |
Apr 23rd 2019, 09:40 |
COOurb |
I forgot how to use other tables in controller |
# |
Apr 23rd 2019, 09:39 |
edgaras.jan |
$usersquery = $users->find(); $query = $articles->find()->where(['field IN' =>$usersquery]); |
# |
Apr 23rd 2019, 09:38 |
edgaras.jan |
use another query in place of array |
# |
Apr 23rd 2019, 09:36 |
COOurb |
I can do it in sql then parse, but I wanna use Paginator features |
# |
Apr 23rd 2019, 09:36 |
COOurb |
like "select * from tab1 where tab1.field1 in (select field2 from tab2)"? |
# |
Apr 23rd 2019, 09:35 |
COOurb |
what if my array is slection from other table? |
# |
Apr 23rd 2019, 09:35 |
edgaras.jan |
without IN, array won't be accepted |
# |
Apr 23rd 2019, 09:34 |
edgaras.jan |
where(['field IN' => [1, 2, 3]]) |