Reputation: 41
what I use Encryption and not Encrypt on CodeIgniter
In last version on CodeIgniter I used function decode()
I used :
if($row->accesso == 1 && $row->username == $username $$ $this->obj->encrypt->decode("$row->password") == $password )
But in php 7.2 mcrypt is removed. If I use encrypt or decrypt of Encryption library i have an error to login. I can't enter in my page. Can you help me ?
Thank you!
Upvotes: 0
Views: 205
Answers (1)
Reputation: 842
Try to use password_hash/password_verify:
TEST:
Try to create first the user's password by using password_hash() then store it on the database manually,
password_hash('password123', PASSWORD_DEFAULT);
It will output like : $2y$10$8UgJIh.KAnDc1/b.4gb33eaBtrDRgXb2kQt8oNO0GKRe6sIFKR8IC
Then to verify, you can use password_verify() to check if the user's password input is equal to the hashed password in the database. Use if else statement for this function. password_verify() also returns true for every matched hashed strings. (Let's assume that $password = 'password123' and $hashed_password = $2y$10$8UgJIh.KAnDc1/b.4gb33eaBtrDRgXb2kQt8oNO0GKRe6sIFKR8IC so the checking will be:
if(password_verify($password,$hashed_password)) { successful login } else { failure }
You can read more about password_hash() and password_verify() for more further explanation.
This is only an example, it might not work on your current code because it seems you used other hashing function. Hope this helps!
Upvotes: 1
Related Questions
- Encryption key in CodeIgniter
- Codeigniter - How to set encryption key in config.php
- is Encryption Class in codeigniter is secure and which cipher they used
- PHP-Codeigniter string encrypt and decrypt
- Encryption string on Codeigniter
- How to securely encrypt password
- CodeIgniter Encryption Class - How do I?
- Codeigniter Encryption Key
- CodeIgniter custom encrypt function
- Where and how to store encryption_key out of CodeIgniter