Welcome Guest, Not a member yet? Register   Sign In
The encryption encode function not returning consistent data
#1

[eluser]ericrjones1[/eluser]
What I am trying to do:

Pull user information as identified by a username.

The following function is in my Model. The $in_username can be either encrypted or plain text. If the $in_username variable is plain text, I pass FALSE as the second parameter to then encode the plain text username.

However, when I uncomment the echo of the $in_username variable and refresh the page the encoding changes on each page load (see below for examples).

So I am wondering how am I suppose to match encoded variables that change every time? Any suggestions?

I was thinking of grabbing all usernames from the database decoding them and then matching the plain text results, but that seems like a lot of work if it can be avoided.

Below, I reloaded the page three times for the same plain text input:
Code:
oM+EQvE+4nU/G3FswAR/BlnjoZPVZvqVbV54Z0iUp7bf/jfg3q2j/lDkDeIRNrzg31EP953kbQ/8vPGV5Fms3g==

1LdmAguWZLP/DV6RG/RQMAbmhrEl1haYFmhNDH7ryCoFoXMjzfLKEjn4A5snkp5pN9Ozjp3rq5n8A2hqPLlctA==

OWnl36Vu+l9rYlXAWjmbsqC55JV6GMIKSW5xz+Dd7rJD3fxwMvq6C51wC3X5J61LQ2ZHEnWmbONlLl3KNUR8jw==

Other information: I am using a set encryption key within the ./system/application/config.php file. I am not changing the default setting of the encryption library.

Below is the code from my model:
Code:
/**
     * get the data for a specific user
     *
     * @param string $in_username
     * @return array
     *
     */
    function get_user($in_username, $encoded = TRUE)
    {
        $data = array();
        
    if( ! $encoded)
    {
        $in_username = $this->encrypt->encode($in_username);
    }
        
    #echo $in_username;
    #exit();
        
        /**
         * The following query statement performs a join of the tables
         * users and contact_info.  The corresponding columns are
         * user.contact_info_id and contact_info.id.
         * I am performing a left join due to the fact that the table
         * contact info is dependent on the users table.  See the MySQL
         * user's guide for more information on JOIN.
         *
         */
        $this->db->join('contact_table', 'users.contact_table_id = contact_table.id', 'left');
        $this->db->where('username', $in_username);
        $this->db->limit(1);
        
        $Q = $this->db->get('users_table');
        
        //check for an empty result set
        if($Q->num_rows() > 0)
        {
            $data = $Q->row_array();
        }
        
        # decode the necessary user information
        $data = $this->_decode_user_data($data);
        
        //free the result set
        $Q->free_result();
        
        //send back the user data
        return $data;
    }
#2

[eluser]ericrjones1[/eluser]
I found an the answer in the file ./system/libraries/encrypt.php for the encode function

Code:
Encodes the message string using bitwise XOR encoding.
The key is combined with a random hash, and then it
too gets converted using XOR. The whole thing is then
run through mcrypt (if supported) using the randomized key.  
The end result is a double-encrypted message string
that is randomized with each call to this function,
even if the supplied message and key are the same.

CI is the best :-)




Theme © iAndrew 2016 - Forum software by © MyBB