Welcome Guest, Not a member yet? Register   Sign In
Encryption Class - How do I?
#1

[eluser]01010011[/eluser]
Hi,

I have created a registration page using CI that works fine. However, I encoded the password using sha1 (see code snippet below), and now that I plan to create a login page, I need to check whether the password the user enters in the login page is the same as that password encoded using sha1 stored in the database. However, I just realized that sha1 is non-decodable.

So how do I use the encryption class to both encrypt and then decrypt this password? Any assistance will be appreciated. Thanks in advance.
Code:
function register_user($username, $password, $name, $email, $activation_code)
{
  $sha1_password = sha1($password);
  $query_str = "INSERT INTO table_name (username, password, name, email, activation_code) VALUES (?,?,?,?,?)";

  $this->db-query($query_str, array($username, $sha1_password, $name, $email, $activation_code));
}
#2

[eluser]garymardell[/eluser]
You don't need to decrypt the sha1, all you need to do is encrypt the password given and check if it matches the stored password.
#3

[eluser]01010011[/eluser]
[quote author="garymardell" date="1271725238"]You don't need to decrypt the sha1, all you need to do is encrypt the password given and check if it matches the stored password.[/quote]

Thanks for your reply garymardell. That sound really easy.

I'm new to this and there is something I am not understanding here. I did not realize that this hash that is produced by the sha1 and stored in the database could be accurately compared with an encrypted password from the login page ... I thought they would be different inspite of the password being the same.




Theme © iAndrew 2016 - Forum software by © MyBB