Reputation: 1914
Codeigniter cannot decode the encrypted password
I made a login form where the user submit his username and password. If the username exist I decode the password and check if is the same as the submitted password.
// This is from db
string(50) "v+bNPHNWHGQbcxrvu1vN8Ty++cMq0oEeaZesvfCfsLgNAFgZno"
// And this is after decode the string above
string(32) "�� U�U{q�0�4��è€UC��o�/�*�."
But it should return 123456
For encode I use
$this->encrypt->encode('123456');
And this is secret key
$config['encryption_key'] = 'kRlaMneym7rF';
// Edit
The problem was that password field was set to varchar 50
Upvotes: 5
Views: 19373
Answers (5)
Reputation: 193
A possible cause could be the length of that field in your database, that was my case. I had a field too short.
Upvotes: 2
Reputation: 1
ive figured this out. i found that it was because the table i was using to store the password unicode was latin1. i changed the users table field password to be utf-8, which seemed to cure this issue
Upvotes: 0
Reputation: 1179
Please check your codeigniter charset in config
$config['charset'] = 'UTF-8';
versus the charset of your database. Your conflict is probably coming from there.
Put Codeigniter to test and see if it return the right result. Try hard-coding like before or copy and test this in your controller.
function testencrypting(){
$str = '12345';
$key = 'my-secret-key';
$encrypted = $this->encrypt->encode($str, $key);
echo $this->encrypt->decode($encrypted, $key);
exit;
}
Mine produce the expected result: 12345. If that works, then your problem is possibly CHARACTER SET (CHARSET). I'm using an encryption key here. You could use the default in config by leaving out the second parameter in encode and decode.
Let me know if that helped
Upvotes: 5
Reputation: 569
You want to hash, rather than encrypt, and you can do this with CodeIgniter's encrypt library which uses SHA1 for hashing.
$password = $this->encrypt->sha1('123456');
This would return 7c4a8d09ca3762af61e59520943dc26494f8941b, which is what would be stored in the database.
You cannot un hash a password - you want to check the hashed input against the hash in the database.
Upvotes: 3
Related Questions
- Decrypt showing error authentication failed
- codeigniter encryption / decryption function returns empty string
- encrypt/decode issue in Code Igniter 2.1.4
- Encrypted password becomes invalid
- Password is not encrypted in codeigniter
- Codeigniter Password Decryption
- Codeigniter strange encryption of password
- Encryption string on Codeigniter
- How to securely encrypt password
- Codeigniter Encryption Key