Welcome Guest, Not a member yet? Register   Sign In
Error with the encode password function
#1

[eluser]jgodino[/eluser]
Error with the encode password.

I cannot use the forgot_password function.

We are calling the same function $this->encrypt->encode with the same key and I receiving differents values.

Is is a bug?

Thanks

First call


DEBUG - 2009-07-18 19:14:22 --> Rutine confirm_password. New Key:v2rh8PwW39CL
DEBUG - 2009-07-18 19:14:22 --> Rutine confirm_password. New Key Encode: Codificada:wBLAnPyS7xBRHWRTPTb4Su9sltW8307q7O1OqHc0id80l3A2Nv8JWToNn3KyJ46TZae+dTHweLKEr2IE/KfhHw==

Second call

DEBUG - 2009-07-18 19:17:20 --> - login_routine: PWD Pwd: v2rh8PwW39CL
DEBUG - 2009-07-18 19:17:20 --> - login_routine: PWD Pwd Encode: mgHLDiZ6U/djeZB9DhCNwsBVzoCV9seeE3EfRNnufqkICbVHuRZhYg0wbb5EguqCAdITIbnO0Vncc/+cPmVQdQ==



Javier

Function confirm_password.
--------------------------
login.php


Code:
function confirm_password()
    {
        $this->load->model('clientcontacts_model', '', TRUE);
        $customer_id = (int) $this->uri->segment(3);
        $passkey = $this->uri->segment(4);

        $email = $this->clientcontacts_model->password_confirm($customer_id, $passkey)->row()->email;

        $data['page_title'] = $this->lang->line('login_forgot_password');

        if ($email != FALSE)
        {
            $new_password = random_string('alnum', 12);
            [color=red]$password_crypted = $this->encrypt->encode($new_password);[/color]            
            
            log_message('debug', "Rutine confirm_password. New Key:".$new_password);
            log_message('debug', "Rutine confirm_password. New Key Encode:".$password_crypted);


LOG


Code:
DEBUG - 2009-07-18 19:14:22 --> Rutine confirm_password. New Key:v2rh8PwW39CL
DEBUG - 2009-07-18 19:14:22 --> Rutine confirm_password. New Key Encode: Codificada:wBLAnPyS7xBRHWRTPTb4Su9sltW8307q7O1OqHc0id80l3A2Nv8JWToNn3KyJ46TZae+dTHweLKEr2IE/KfhHw==


Function Log
------------

Site_entry.php


Code:
function login_routine()
    {
        //Initialise the Encryption Library
        $this->obj->load->library('encrypt');

    log_message('debug', " login_routine. INICIO");
    
        //Make the input username and password into variables
        $password = $this->obj->input->post('password');
        $username = $this->obj->input->post('username');

    log_message('debug', " - login_routine: PWD Usuario: ".$username);
    log_message('debug', " - login_routine: PWD Pwd: ".$password);
        //Use the input username and password and check against 'users' table
        $query = $this->obj->db->get('clientcontacts');
        log_message('debug', " - login_routine: SQL: ".$this->obj->db->last_query());
      
      $passwordEncriptada = $this->obj->encrypt->encode($password);
      log_message('debug', " - login_routine: PWD Pwd Encriptada: ".$passwordEncriptada);
        $login_result = FALSE;
        
    foreach($query->result() as $row)
        {
        
          log_message('debug', "- login_routine: USR en base de datos: ".$row->email);  
          log_message('debug', " - login_routine: PWD en base de datos: ".$row->password);


LOG


Code:
DEBUG - 2009-07-18 19:17:20 -->  login_routine. INICIO
DEBUG - 2009-07-18 19:17:20 -->  - login_routine: PWD Usuario: [email protected]
DEBUG - 2009-07-18 19:17:20 -->  - login_routine: PWD Pwd: v2rh8PwW39CL
DEBUG - 2009-07-18 19:17:20 -->  - login_routine: SQL: SELECT *
FROM (`sginfra_clientcontacts`)
DEBUG - 2009-07-18 19:17:20 -->  - login_routine: PWD Pwd Encriptada: mgHLDiZ6U/djeZB9DhCNwsBVzoCV9seeE3EfRNnufqkICbVHuRZhYg0wbb5EguqCAdITIbnO0Vncc/+cPmVQdQ==
DEBUG - 2009-07-18 19:17:20 -->  - login_routine: USR en base de datos: jgodino@....
DEBUG - 2009-07-18 19:17:20 -->  - login_routine: PWD en base de datos: wBLAnPyS7xBRHWRTPTb4Su9sltW8307q7O1OqHc0id80l3A2Nv8JWToNn3KyJ46TZae+dTHweLKEr2IE/KfhHw==
#2

[eluser]TheFuzzy0ne[/eluser]
Have you set a key in your config.php?
#3

[eluser]jgodino[/eluser]
Yes. I have a key in my config.php.

/*
|--------------------------------------------------------------------------
| Encryption Key
|--------------------------------------------------------------------------
|
| If you use the Encryption class or the Sessions class with encryption
| enabled you MUST set an encryption key. See the user guide for info.
|
*/
$config['encryption_key'] = "encryption_key_Gg2F55454";
#4

[eluser]TheFuzzy0ne[/eluser]
How are you decoding the password? Are you passing in a second parameter? That's the only thing I can think of that could possible give you a different result each time.
#5

[eluser]jgodino[/eluser]
The problem began because the retrieve password options didn't work.
I did changes in the code and I don't know what changes I did.
One of the changes that I did was to change decoding to coding the password again.
I will return to the begining and I will post the correct problem. "Retrieve Password Options"
Thanks
#6

[eluser]Iván Argulo[/eluser]
Can you try with the function dohash(), in security helper?
#7

[eluser]jgodino[/eluser]
No.. I didn't. Why this function?
#8

[eluser]Iván Argulo[/eluser]
It checks if the function sha1 is avaliable, if the module mhash is installed. If not, it uses its own library to generate sha1 or md5. But you cannot reverse the encryption.

http://ellislab.com/codeigniter/user-gui...elper.html

It works great for me Smile




Theme © iAndrew 2016 - Forum software by © MyBB