• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
insert bug(CI4)

#1
here I insert the follow data to mysql.
PHP Code:
$data['password']='$2y$10$ErQlCj/Mo10il.FthAm0WOjYdf3chZEGPFqaPzjqOX2aj2uYf5Ihq' 
when I check the database, the data was changed to
Code:
y\$ErQlCj/Mo10il.FthAm0WOjYdf3chZEGPFqaPzjqOX2aj2uYf5Ihq
please note "$2y$10" was changed to "y\" and the number of characters was changed too(from 60 to 56).

I guess this is might be a bug?
Q&A for Codeigniter
StartBBS--open-source, light weight forum software.
Best VPS:Digital Ocean
Reply

#2
Are you on the most recent version? I discovered and fixed a similar bug a couple of weeks ago.
Support Development  • Practical CodeIgniter 3  •
Myth:AuthVulcan - CLI Tools for CI4
Reply

#3
(11-14-2016, 08:49 PM)kilishan Wrote: Are you on the most recent version? I discovered and fixed a similar bug a couple of weeks ago.

Yes, I am using the latest version. it seems that the data was filtered. please check it again.
Q&A for Codeigniter
StartBBS--open-source, light weight forum software.
Best VPS:Digital Ocean
Reply

#4
Ok. I have an idea what it might be as I was just fighting with that portion of the code over the last few days... I'll take another look. Thanks.
Support Development  • Practical CodeIgniter 3  •
Myth:AuthVulcan - CLI Tools for CI4
Reply

#5
I was spot on with what I thought the issue was. I had a little manual filtering that used to be necessary, but started using preg_quote to prep the strings in the Query class, and the manual filtering (specifically for passwords...sigh) was getting in the way. Pull down the latest code and it should be fixed.
Support Development  • Practical CodeIgniter 3  •
Myth:AuthVulcan - CLI Tools for CI4
Reply

#6
(11-14-2016, 09:35 PM)kilishan Wrote: I was spot on with what I thought the issue was. I had a little manual filtering that used to be necessary, but started using preg_quote to prep the strings in the Query class, and the manual filtering (specifically for passwords...sigh) was getting in the way. Pull down the latest code and it should be fixed.

THanks, it works well now.
Q&A for Codeigniter
StartBBS--open-source, light weight forum software.
Best VPS:Digital Ocean
Reply

#7
Excellent. Glad to hear it.
Support Development  • Practical CodeIgniter 3  •
Myth:AuthVulcan - CLI Tools for CI4
Reply

#8
Using password_hash and crypt you need to be careful that they do not include any NULL BYTES or it will truncate it.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#9
(11-15-2016, 06:52 AM)InsiteFX Wrote: Using password_hash and crypt you need to be careful that they do not include any NULL BYTES or it will truncate it.

Yet again, while not incorrect, your comment is irrelevant.
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.