I am comparing two strings with PHP. I am sure the strings are equal because I have echoed them on to the webpage, but the comparison always returns "bad".
One of the strings being compared was formerly encrypted via AES-256 and was stored via cookie.
Cookie Value:
_uid=YJUZI3Kzi+YrmKay9H2+k0Bl+374u5JLeYF7BSLiNfo=:mjsAHC8qJX5UpF0p8gpuNKczieZObzbGlRszGjiDQX4=
Encryption Function:
<?php
// AES 256
function aes($a,$b,$c) {
switch($a){
case 1:
$d="awkwardp_general";$e="xjoiw4rifo5jw4";
$f=mysqli_connect("localhost",$d,$e,"awkwardp_main") or die(mysqli_error($f));
$g=mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,MCRYPT_MODE_CBC);
$h=mcrypt_create_iv($g,MCRYPT_DEV_URANDOM);
$i="Value";
$j="Keys";
$k=array();
$l=0;
$m="SELECT ".$i." FROM `".$j."`";
$n=mysqli_query($f,$m) or die(mysqli_error($f));
while($o=mysqli_fetch_array($n)){
$k[$l]=$o[$l];
$l++;
}
$p=strlen($k[$b]);
$q=mcrypt_encrypt(MCRYPT_RIJNDAEL_128,$k[$b],$c,MCRYPT_MODE_CBC,$h);
$q=base64_encode($h.$q);
return $q;
break;
case 2:
$d="awkwardp_general";$e="xjoiw4rifo5jw4";
$f=mysqli_connect("localhost",$d,$e,"awkwardp_main") or die(mysqli_error($f));
$g=mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128,MCRYPT_MODE_CBC);
$i="Value";
$j="Keys";
$k=array();
$l=0;
$m="SELECT ".$i." FROM `".$j."`";
$n=mysqli_query($f,$m) or die(mysqli_error($f));
while($o=mysqli_fetch_array($n)){
$k[$l]=$o[$l];$l++;
}
$p=strlen($k[$b]);
$q=base64_decode($c);
$r=substr($q,0,$g);
$s=substr($q,$g);
$t=mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$k[$b],$s,MCRYPT_MODE_CBC,$r);
return $t;
break;
default:
}
}
?>
Comparison Script:
<?php
$Value = explode(":",$_COOKIE['_uid']);
$_SERVER['REMOTE_ADDR'] == aes(2,1,$Value[0])
? printf("good")
: printf("bad");
?>
Can someone tell me what the problem is?
Your problem is probably because of some hidden spaces. To remove them just use trim(), e.g.
$_SERVER['REMOTE_ADDR'] == trim(aes(2,1, trim($Value[0])))
//^^^^ ^^^^ See here