I'm using the following code to salt and hash passwords in a MySQL database:
<?php
function make($string, $salt = '') {
return hash('sha256', $string . $salt);
}
function salt($length) {
return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
}
$salt = salt(32);
$password = make('password', $salt);
?>
However when I attempt to insert the generated salt into the database, there are some cases where this error occurs:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'ÜöOòƒ·¡]ŽÖ', 1)' at line 1
I assume that is because of unrecognized characters being generated. What would be a solution for this?