Encrypted password not coming across correctly?
#1

octavianmh
All-

First, thanks in advance — love you guys.

Second, I have a very simple model method to check my MySQL database during a login procedure...and was hoping to store the passwords in the database encrypted. Here's the model method:

Code:
function checkLogin($username, $password)
{
    $this->load->library('encrypt');
    $securePass = $this->encrypt->encode($password);
    $sql = "SELECT * FROM users WHERE username = ? AND password = ?";
    $query = $this->db->query($sql, array($username, $securePass));
    if ($query->num_rows() > 0) {
        return TRUE;
    }
}

This ALWAYS fails. Even though I've checked the value of $securePass against the contents of the database — they seem identical.

When I comment out the encrypt command and just store the password in plain text, this method works fine, so it has SOMETHING to do with the encryption method. The field in the database is plenty large enough (256 Varchar), and as I said, the contents seem identical.

Could there be a character in the encrypted password that is screwing up the query? Is there a "safer" encryption algorithm I could/should use, rather than the default?

In the end, I don't HAVE to encrypt the passwords, but it would be nice.

Anyone seen anything similar to this, or have an idea where I should turn next in debugging?

Thanks!
#2

Colin Williams
NEVERMIND...
#3

TheFuzzy0ne
What's the error you're getting? Also, have you set a key for the encryption library in your config.php?

I use:
Code:
md5(time() * rand());
to generate mine.
#4

octavianmh
Ok, I think I see what's happening. When I run:

Code:
$this->load->library('encrypt');
$securePass = $this->encrypt->encode($password);

I get DIFFERENT results every time. I THOUGHT since my salt in config.php is CONSTANT, it should give me the same string every time I run it on a given password — so I have the same thing to compare to what's in the database. That does not seem to be occurring.

Am I using the wrong library for what I'm trying to achieve? I just want to reliably encode the password when I store it, and be able to do the encode again when someone types IN that password to, ya know, verify the login.

Simple, right?

What am I doing wrong??
#5

octavianmh
Through some searching of the forums:

http://ellislab.com/forums/viewthread/65267/

Appears to be the answer to my question.
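
Added example, not part of the thread and not CodeIgniter's own code: post #4 observes that encode() returns a different string on every call, which is why the equality test in the WHERE clause of post #1 can never match. The sketch below shows the usual pattern for password storage with PHP's built-in password_hash() / password_verify() (PHP 5.5+): look the row up by username only, then verify in PHP. The $users array is a constructed in-memory stand-in for the users table, and registerUser() is a hypothetical helper.

```php
<?php
// Added example (not from the thread). $users is a constructed in-memory
// stand-in for the `users` table; registerUser() is a hypothetical helper.

function registerUser(array &$users, string $username, string $password): void
{
    // One-way, salted hash. A fresh random salt is generated on every call
    // and stored inside the returned string together with algorithm and cost.
    $users[$username] = password_hash($password, PASSWORD_DEFAULT);
}

function checkLogin(array $users, string $username, string $password): bool
{
    // Equivalent of: SELECT password FROM users WHERE username = ?
    // The password is NOT part of the lookup; it is verified afterwards.
    $stored = $users[$username] ?? null;
    if ($stored === null) {
        return false;
    }
    // Re-derives the hash using the salt embedded in $stored and compares
    // the result in constant time.
    return password_verify($password, $stored);
}

$users = [];
registerUser($users, 'alice', 'correct horse');   // constructed sample data

// Same password hashed a second time: the string differs from the stored
// one, so comparing a freshly computed value with "=" in SQL cannot work.
$again = password_hash('correct horse', PASSWORD_DEFAULT);
printf("fresh hash equals stored hash: %s\n", var_export($again === $users['alice'], true));

// Verification succeeds anyway, because the salt travels with the stored hash.
printf("right password accepted: %s\n", var_export(checkLogin($users, 'alice', 'correct horse'), true));
printf("wrong password accepted: %s\n", var_export(checkLogin($users, 'alice', 'wrong password'), true));
printf("unknown user accepted:   %s\n", var_export(checkLogin($users, 'nobody', 'correct horse'), true));
```

The PHP manual recommends a 255-character column for password_hash() output, so the VARCHAR(256) field mentioned in post #1 is large enough.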