CodeIgniter Forums
A simple encoding password function problem - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Development & Programming (https://forum.codeigniter.com/forum-23.html)
+--- Thread: A simple encoding password function problem (/thread-15943.html)



A simple encoding password function problem - El Forum - 02-19-2009

[eluser]markanderson993[/eluser]
Hello there CodeIgniter experts. I have a simple function that encodes an inputted password ($this->input->post('password')) and returns the encrypted salted password. The problem I'm having is strange that when I log in with a salt of NCJ I can login (encoding worked perfectly and a couple functions later I'm logged in). But when a user with a salt of e[# they can't log in.

Here is my code for encoding the password. Does anyone have any idea why this is happening?

Code:
function _encode($username,$password)
      {
        $this->CI->db->where('user_name',$username);
        $get_user_row = $this->CI->db->get('user',1);
        
        if ($get_user_row->num_rows() == 1) // A user was found
        {
            
            $this->CI->db->where('user_name',$username);
            $get_user_row = $this->CI->db->get('user',1);
            $user_row = $get_user_row->row();
            
            $salt = $user_row->salt;
            
            $enc_password = md5(md5($password) . $salt);
            
            return $enc_password;
        }
      }

Any help is greatly appreciated. Thank you!!!

- Pianoman993


A simple encoding password function problem - El Forum - 02-19-2009

[eluser]TheFuzzy0ne[/eluser]
The function itself seems to work fine for me; even with the suspect salt. However, I can't vouch for how the database is returning your data, and whether or not it's been encoded or escaped somehow. My only thought at this time is that perhaps the user's password is too long for the database, and so a bit of it may have been truncated. This would cause your validation to fail.