I'm trying to make a login system which encrypts and decrypt passwords in database(for my project). I can use aes_encrypt to encrypt password and store them in database.However, when I decrypt them later to find matching passwords for login, they don't work. It's like aes_decrypt is skipped and not ran because I have accounts with plaintext password stored in database and I can login with them but for accounts with encrypted passwords they don't work. I'm using Xampp with phpmyadmin for database.
Signup file
<?php
if(isset($_POST['signup']))
{
mysql_connect("localhost","root","");
mysql_select_db("faceback");
$Email=$_POST['email'];
$que1=mysql_query("select * from users where Email='$Email'");
$count1=mysql_num_rows($que1);
if($count1>0)
{
echo "<script>
alert('There is an existing account associated with this email.');
</script>";
}
else
{
$Name=$_POST['first_name'].' '.$_POST['last_name'];
$Password=$_POST['password'];
$Gender=$_POST['sex'];
$Birthday_Date=$_POST['day'].'-'.$_POST['month'].'-'.$_POST['year'];
$FB_Join_Date=$_POST['fb_join_time'];
$day=intval($_POST['day']);
$month=intval($_POST['month']);
$year=intval($_POST['year']);
if(checkdate($month,$day,$year))
{
$que2=mysql_query("insert into
users(Name,Email,Password,Gender,Birthday_Date,FB_Join_Date)
values('$Name','$Email',AES_ENCRYPT('$Password','897sdn9j98u98jk'),
'$Gender','$Birthday_Date','$FB_Join_Date')");
session_start();
$_SESSION['tempfbuser']=$Email;
}
Login file
<?php
if(isset($_POST['Login']))
{
mysql_connect("localhost","root","");
mysql_select_db("faceback");
$user=$_POST['username'];
$pass=$_POST['password'];
$que1=mysql_query("select Email,AES_DECRYPT(Password,'897sdn9j98u98jk') from
users where Email='$user' and Password='$pass'");
$count1=mysql_num_rows($que1);
if($count1>0)
{
session_start();
$_SESSION['tempfbuser']=$user;
}