Login

atom · 06-13-2015, 06:31 AM

Hello,

I have this lines of code:

Code:
$password = $_POST['password'];

$salt = '$2a$07$R.gJb2U2N.FmZ4hPp1y2CN$';

$encrypted_password = crypt($password, $salt);

It successfully stores the encrypted password in my database and I also used that same line of code in LogIn but it wasn't working.

Do you guys know how to compare the password from login to password that was stored in the database?

Thanks in advance.

jithinjohnygeorge · 06-13-2015, 02:18 PM

Use password_verify () method.

code

Code:
password_verify ($password,$hash)

isabella · 06-17-2015, 04:16 AM

Why don't you use SHA1 built-in hash function for password encryption?That is one of the best secure solution.

The FAS Solutions
corporate web development
web designs and development services
http://www.thefas-solutions.com

JayAdra · 06-17-2015, 05:42 AM

(06-17-2015, 04:16 AM)isabella Wrote: Why don't you use SHA1 built-in hash function for password encryption?That is one of the best secure solution.

SHA1 is not secure. Don't use it. Use Bcrypt instead.

mwhitney · 06-17-2015, 07:27 AM

Use PHP's password_hash() (which currently uses BCrypt, but may be updated in the future to support other algorithms). That page also includes a link to a library which adds support for the password_ functions for PHP versions prior to 5.5, if needed.

Bonfire

Practical CodeIgniter 3
CodeIgniter Testing Guide