Android Question Insert hash and salt into MySQL table

achtrade · Feb 11, 2015

I'm stuck with this, I have no idea how to insert those bytes variables.

This is what I have:

B4X:

Dim password As String 
    
    password = "Te$t2015"
    Dim salt() As Byte = Utils.CalcSalt(password)
    Dim hash() As Byte = Utils.CalcHash(password, salt)
   
    ExecuteRemoteQuery("INSERT INTO Users (Name, LastName, Email, Hash, Salt, Phone) VALUES ('aaa', 'xxxx', '[email protected]', " & Array As Object(hash) & "," & Array As Object(salt) & ",'9994332222'", NEW_USER)

I'm getting an "Internal Error"

In the table, only hash and salt are blob type

Help

walterf25 · Feb 12, 2015

achtrade said:
I'm stuck with this, I have no idea how to insert those bytes variables.

This is what I have:

B4X:

Dim password As String password = "Te$t2015" Dim salt() As Byte = Utils.CalcSalt(password) Dim hash() As Byte = Utils.CalcHash(password, salt) ExecuteRemoteQuery("INSERT INTO Users (Name, LastName, Email, Hash, Salt, Phone) VALUES ('aaa', 'xxxx', '[email protected]', " & Array As Object(hash) & "," & Array As Object(salt) & ",'9994332222'", NEW_USER)

I'm getting an "Internal Error"

In the table, only hash and salt are blob type

Help

What is the error you're getting?

DonManfred · Feb 12, 2015

You cannot use arrays in your sql statements... Try to send STRINGs for salt and password.

achtrade · Feb 12, 2015

DonManfred said:
You cannot use arrays in your sql statements... Try to send STRINGs for salt and password.

don't you mind tell me how I can do this ?

thanks.

Troberg · Feb 12, 2015

Why are they blobs? Is it because you want to store an array? In that case, a table with a database relation would be the proper way to do it.

In my experience, if you use blobs for anything besides unstructured binary data (images, document files et cetera), you are doing something wrong.

Try to aim for third normal form (http://en.wikipedia.org/wiki/Third_normal_form). It's a reasonable trade-off between theory and practicalities in database design in typical real world scenarios.

achtrade · Feb 12, 2015

Ok, I could insert the record using bcon.HexFromBytes(hash) but I had to change in the db the field type from blob to string(255).

Is this the correct way to store the hash and salt in a database ?, I have read in another forum that these 2 fields should be blob type.

Troberg · Feb 12, 2015

achtrade said:
Ok, I could insert the record using bcon.HexFromBytes(hash) but I had to change in the db the field type from blob to string(255).

Is this the correct way to store the hash and salt in a database ?, I have read in another forum that these 2 fields should be blob type.

I would convert them to hex and store as string. If nothing else, I'd do it because they'd be readable in the database, which makes debug sooooo much easier.

Blobs are nasty, avoid where possible.

achtrade · Feb 12, 2015

ok.

thanks.

Android Question Insert hash and salt into MySQL table

achtrade

Active Member

walterf25

Expert

DonManfred

Expert

achtrade

Active Member

Troberg

Well-Known Member

achtrade

Active Member

Troberg

Well-Known Member

achtrade

Active Member

Similar Threads