I have a problem using the function AES_ENCRYPT with PDO, when I use the SQL statement below with :pass and :key as bound parameters, I get no match from the database. However if I take them out and put them directly in the SELECT statement I get a COUNT of 1 result which is correct.
Am I embedding these incorrectly into the statement, or is there another way to make my select function work properly with the AES_ENCRYPT function? The function works correctly with straight parameters, for example
SELECT * FROM users WHERE name=:name AND email=:email
$query[] = "SELECT COUNT(1) FROM users WHERE active=1 AND username=:username AND password=AES_ENCRYPT(:pass,:key);";
$query[] = array(
'username' => $username,
'pass' => $pass,
'key' => $key );
list($exists) = select( $query, true );
function select( array &$query, $one=FALSE ) {
try {
$stmt = $this->PDO->prepare( $this->named_queries( $query[0] ) );
foreach( $query[1] as $k=>$v ) {
$stmt->bindParam( ":$k", $v );
}
$stmt->execute();
$query = array(); # If the query is from a loop this prevents only the first loop's SELECT from being used.
if( $one ) {
$return = $stmt->fetch();
}else{
$return = $stmt->fetchAll();
}
return $return;
}catch( PDOException $e ) {
if( $this->test )
self::print_error( __METHOD__, $e->getMessage() );
return false;
}
}