From 511ad35ef4a5046405a5f421ebb3f668ef6f2051 Mon Sep 17 00:00:00 2001
From: Mian Xie <xiemia@oregonstate.edu>
Date: Sun, 21 Oct 2018 14:27:22 -0700
Subject: [PATCH] signup encrytion

---
 source/php/userActionHandler.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/source/php/userActionHandler.php b/source/php/userActionHandler.php
index 26cf233..1971e22 100644
--- a/source/php/userActionHandler.php
+++ b/source/php/userActionHandler.php
@@ -109,11 +109,13 @@
                         $userRole           = $_POST['userRole'];
                         $userPhone          = $_POST['userPhone'];
                         $userEmail          = $_POST['userEmail'];
-                        $statement          = "INSERT INTO User_info (User_name, Password, User_role, Email, Phone) 
+                        /*$statement          = "INSERT INTO User_info (User_name, Password, User_role, Email, Phone) 
                                                 VALUES ('$userName', 
-                                               '$userPassword', 
+                                                AES_ENCRYPT('$userPassword', UNHEX(SHA2(`My secret key`,512))), 
                                                 '$userRole',
-                                                '$userEmail', '$userPhone');";
+                                                '$userEmail', '$userPhone');";*/
+                        $statement          = "INSERT INTO User_info (User_name, Password, User_role, Email, Phone) 
+                                                VALUES ('$userName', AES_ENCRYPT('$userPassword', UNHEX(SHA2('My secret passphrase',512))),'$userRole','$userEmail', '$userPhone');";
                         $dbResult           =$db->dbExecute($statement);
                          if ($dbResult){
                              /*Return message back if the query is succeed*/