Android Question Insert hash and salt into MySQL table

Discussion in 'Android Questions' started by achtrade, Feb 11, 2015.

  1. achtrade

    achtrade Active Member Licensed User

    I'm stuck with this, I have no idea how to insert those bytes variables.

    This is what I have:

    Code:
    Dim password As String 
        
        password = 
    "Te$t2015"
        
    Dim salt() As Byte = Utils.CalcSalt(password)
        
    Dim hash() As Byte = Utils.CalcHash(password, salt)
       
        ExecuteRemoteQuery(
    "INSERT INTO Users (Name, LastName, Email, Hash, Salt, Phone) VALUES ('aaa', 'xxxx', 'xxx@hotmail.com', " & Array As Object(hash) & "," & Array As Object(salt) & ",'9994332222'", NEW_USER)
    I'm getting an "Internal Error"

    In the table, only hash and salt are blob type

    Help
     
  2. walterf25

    walterf25 Well-Known Member Licensed User

    What is the error you're getting?
     
  3. DonManfred

    DonManfred Expert Licensed User

    You cannot use arrays in your sql statements... Try to send STRINGs for salt and password.
     
  4. achtrade

    achtrade Active Member Licensed User

    don't you mind tell me how I can do this ?

    thanks.
     
  5. Troberg

    Troberg Well-Known Member Licensed User

    Why are they blobs? Is it because you want to store an array? In that case, a table with a database relation would be the proper way to do it.

    In my experience, if you use blobs for anything besides unstructured binary data (images, document files et cetera), you are doing something wrong.

    Try to aim for third normal form (http://en.wikipedia.org/wiki/Third_normal_form). It's a reasonable trade-off between theory and practicalities in database design in typical real world scenarios.
     
  6. achtrade

    achtrade Active Member Licensed User

    Ok, I could insert the record using bcon.HexFromBytes(hash) but I had to change in the db the field type from blob to string(255).

    Is this the correct way to store the hash and salt in a database ?, I have read in another forum that these 2 fields should be blob type.
     
  7. Troberg

    Troberg Well-Known Member Licensed User

    I would convert them to hex and store as string. If nothing else, I'd do it because they'd be readable in the database, which makes debug sooooo much easier.

    Blobs are nasty, avoid where possible. :)
     
    DonManfred likes this.
  8. achtrade

    achtrade Active Member Licensed User

    ok.

    thanks.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice