Ben
Ben

Reputation: 1914

Codeigniter cannot decode the encrypted password

I made a login form where the user submit his username and password. If the username exist I decode the password and check if is the same as the submitted password.

// This is from db

string(50) "v+bNPHNWHGQbcxrvu1vN8Ty++cMq0oEeaZesvfCfsLgNAFgZno"

// And this is after decode the string above

string(32) "�� U�U{q�0�4��è€UC��o�/�*�."

But it should return 123456

For encode I use

$this->encrypt->encode('123456');

And this is secret key

$config['encryption_key'] = 'kRlaMneym7rF';

// Edit

The problem was that password field was set to varchar 50

Upvotes: 5

Views: 19373

Answers (5)

elverde
elverde

Reputation: 193

A possible cause could be the length of that field in your database, that was my case. I had a field too short.

Upvotes: 2

matt
matt

Reputation: 1

ive figured this out. i found that it was because the table i was using to store the password unicode was latin1. i changed the users table field password to be utf-8, which seemed to cure this issue

Upvotes: 0

Steward Godwin Jornsen
Steward Godwin Jornsen

Reputation: 1179

Please check your codeigniter charset in config

$config['charset'] = 'UTF-8';

versus the charset of your database. Your conflict is probably coming from there.

Put Codeigniter to test and see if it return the right result. Try hard-coding like before or copy and test this in your controller.

function testencrypting(){
  $str = '12345';
  $key = 'my-secret-key';
  $encrypted = $this->encrypt->encode($str, $key);
  echo $this->encrypt->decode($encrypted, $key);
  exit;

}

Mine produce the expected result: 12345. If that works, then your problem is possibly CHARACTER SET (CHARSET). I'm using an encryption key here. You could use the default in config by leaving out the second parameter in encode and decode.

Let me know if that helped

Upvotes: 5

Husman
Husman

Reputation: 6909

Have you tried:

$this->encrypt->decode($string);

Upvotes: 2

Sacha
Sacha

Reputation: 569

You want to hash, rather than encrypt, and you can do this with CodeIgniter's encrypt library which uses SHA1 for hashing.

$password = $this->encrypt->sha1('123456');

This would return 7c4a8d09ca3762af61e59520943dc26494f8941b, which is what would be stored in the database.

You cannot un hash a password - you want to check the hashed input against the hash in the database.

Upvotes: 3

Related Questions