Welcome Guest, Not a member yet? Register   Sign In
insert bug(CI4)
#1

here I insert the follow data to mysql.
PHP Code:
$data['password']='$2y$10$ErQlCj/Mo10il.FthAm0WOjYdf3chZEGPFqaPzjqOX2aj2uYf5Ihq' 
when I check the database, the data was changed to
Code:
y\$ErQlCj/Mo10il.FthAm0WOjYdf3chZEGPFqaPzjqOX2aj2uYf5Ihq
please note "$2y$10" was changed to "y\" and the number of characters was changed too(from 60 to 56).

I guess this is might be a bug?
Q&A for Codeigniter
StartBBS--open-source, light weight forum software.
Best VPS:Digital Ocean
Reply
#2

Are you on the most recent version? I discovered and fixed a similar bug a couple of weeks ago.
Reply
#3

(This post was last modified: 11-14-2016, 09:22 PM by startbbs.)

(11-14-2016, 08:49 PM)kilishan Wrote: Are you on the most recent version? I discovered and fixed a similar bug a couple of weeks ago.

Yes, I am using the latest version. it seems that the data was filtered. please check it again.
Q&A for Codeigniter
StartBBS--open-source, light weight forum software.
Best VPS:Digital Ocean
Reply
#4

Ok. I have an idea what it might be as I was just fighting with that portion of the code over the last few days... I'll take another look. Thanks.
Reply
#5

I was spot on with what I thought the issue was. I had a little manual filtering that used to be necessary, but started using preg_quote to prep the strings in the Query class, and the manual filtering (specifically for passwords...sigh) was getting in the way. Pull down the latest code and it should be fixed.
Reply
#6

(11-14-2016, 09:35 PM)kilishan Wrote: I was spot on with what I thought the issue was. I had a little manual filtering that used to be necessary, but started using preg_quote to prep the strings in the Query class, and the manual filtering (specifically for passwords...sigh) was getting in the way. Pull down the latest code and it should be fixed.

THanks, it works well now.
Q&A for Codeigniter
StartBBS--open-source, light weight forum software.
Best VPS:Digital Ocean
Reply
#7

Excellent. Glad to hear it.
Reply
#8

Using password_hash and crypt you need to be careful that they do not include any NULL BYTES or it will truncate it.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
#9

(11-15-2016, 06:52 AM)InsiteFX Wrote: Using password_hash and crypt you need to be careful that they do not include any NULL BYTES or it will truncate it.

Yet again, while not incorrect, your comment is irrelevant.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB