
I asked this question yesterday, but I didn't get an answer and the question has been marked as a duplicate, which it is not.

I changed the "key" column name to "lic_key" and "keys" table name to "license_keys" because I understand they are reserved by MySQL.

This is my PHP code:

<?php
    require 'config.inc.php';
    /* Connect to database and grab the keys */

    @mysql_connect($g_mysql_host,$g_mysql_usr,$g_mysql_pass)
    or die("Couldn't connect to database server");
    @mysql_selectdb($g_mysql_db)
    or die("Couldn't select database");
    /* $_GET["key"] is already URL-decoded by PHP; escape it for the query */
    $key = mysql_real_escape_string($_GET["key"]);
    $query = "SELECT * FROM `license_keys` WHERE `lic_key` = '$key'";
    /* mysql_query returns a result resource on success, false on error */
    $result = mysql_query($query);
    if ($result == "") exit("INVALID KEY");
    else {
        /* Print the id of every row that matched the key */
        while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) {
            echo $row['id'];
        }
    }

?>

This works only if the key does NOT contain the "+" character, and it outputs the specific "id" for the searched "license_key". If the key contains "+" or is not found, the page remains blank (which is another problem that I have, because the script should output "INVALID KEY").

The key strings are encrypted using AES128 and encoded in Base64. Some keys contain the "+" character, others do not.

In short:

kQcYqzQlsr4/MXJ1ySw7jQ== -- works.

CKVcua+aWlnK5qfKwcm6wA== -- does not work.

This script is only for personal usage, so I'm not scared about SQL injection.

Thanks.

  • The problem with `+` is probably in the client. `+` has special meaning in URL-encoded parameters, and it needs to be encoded as `%2B`. The client probably isn't calling `encodeURIComponent()` before putting the base64 password into the parameters. – Barmar Apr 29 '17 at 16:10
  • Thanks. If I replace "+" with "%2B" the script outputs the "id", so this is not a big deal . – Mario Bălănică Apr 29 '17 at 16:17
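An added example (not from the question or the comments) showing what the comment above describes: a raw "+" in a query string is decoded as a space on the server, so the key no longer matches, while encodeURIComponent() turns it into "%2B" and the value round-trips. The two keys are the ones quoted in the question; the license table and its ids are constructed for the demonstration.

```javascript
// Constructed sample keys, taken from the question: one without "+", one with.
const KEY_WITHOUT_PLUS = "kQcYqzQlsr4/MXJ1ySw7jQ==";
const KEY_WITH_PLUS = "CKVcua+aWlnK5qfKwcm6wA==";

// The naive client: paste the key into the query string unencoded.
function naiveQuery(key) {
  return "?key=" + key;
}

// The correct client: percent-encode the value, so "+" becomes "%2B"
// (and "/" and "=" become "%2F" and "%3D", which is harmless).
function encodedQuery(key) {
  return "?key=" + encodeURIComponent(key);
}

// What the server's $_GET["key"] sees. URLSearchParams applies the same
// application/x-www-form-urlencoded rules as PHP: "+" decodes to a space,
// "%2B" decodes to a literal "+".
function serverSideKey(query) {
  return new URLSearchParams(query).get("key");
}

// Constructed stand-in for the license_keys table: exact string match only,
// which is what the WHERE `lic_key` = '...' comparison does.
const LICENSE_KEYS = new Map([
  [KEY_WITHOUT_PLUS, 1],
  [KEY_WITH_PLUS, 2],
]);

// Mirrors the script's behaviour once the num_rows check is in place:
// return the id for a matching key, or "INVALID KEY" when nothing matches.
function lookupId(query) {
  const id = LICENSE_KEYS.get(serverSideKey(query));
  return id === undefined ? "INVALID KEY" : id;
}
```

Running lookupId(naiveQuery(KEY_WITH_PLUS)) yields "INVALID KEY" because the server receives "CKVcua aWlnK5qfKwcm6wA==", whereas lookupId(encodedQuery(KEY_WITH_PLUS)) returns the id.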

1 Answer


Thanks to @Barmar for clarifying the problem with the "+" character in the URL. To fix the problem with the blank page when the key is incorrect, I replaced

if ($result == "") exit("INVALID KEY");

with

if (mysql_num_rows($result)==0) exit("INVALID KEY");

and now it works.