Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Login with the encryption class
Login with the encryption class
  • El Forum
    Guest
  •  
#1
04-20-2011, 03:47 AM

[eluser]PQMailer[/eluser]
Hello,

I have a little problem. I want to use the encryption class to encode the mail addresses and the passwords in the database. I want to check the login with the email address. But the encryption class always generates an other encoded string. To check if the e-mail address exists i found a solution. I wanted to use something like this.

Code:
$this->db->select('email');
$control = $this->db->get('users')->result_array();
$email_decode = array();
foreach($control as $value):
array_push($email_decode, $this->encrypt->decode($value['email']));
endforeach;
if( ! in_array($input['email'], $email_decode)){
echo $this->lang->line('login_wrong_email');
exit;
}


But how can i check the password ? Because i can't use something like this, if the mail address is encoded.

Code:
$email = $input['email'];
$query = $this->db->get_where('users', array('email' => $email));
$row = $query->row();
if($row->password != $input['password']){
echo $this->lang->line('login_wrong_password');
exit;
}

Do anyone have an idea how a login with the encryption class can be realized ?
  • El Forum
    Guest
  •  
#2
04-20-2011, 04:44 AM

[eluser]danmontgomery[/eluser]
You really should not be storing passwords with two-way encryption. If you're set on this course, it looks something like:

Code:
$this->db->where('email' => $this->encrypt->encode($email))->where('password' => $this->encrypt->encode($password))->get('users');

If you decide to store passwords with a one-way hash, as you should, the logic is the same, just using whichever hashing method you decide.

Code:
$this->db->where('email' => $this->encrypt->encode($email))->where('password' => $this->encrypt->sha1($password))->get('users');
  • El Forum
    Guest
  •  
#3
04-20-2011, 06:22 AM

[eluser]PQMailer[/eluser]
Yes you are right. I found a nice function.
Code:
function _prep_password($password)
{
     return sha1($password.$this->config->item('encryption_key'));
}

But if i use this it won't work i think, because the encrypted string always looks different.

Code:
$this->db->where('email' => $this->encrypt->encode($email))

Because of that i decoded all the e-mail addresses with foreach.

Code:
foreach ( $control as $value ):
array_push( $email_decode, $this->encrypt->decode( $value['email'] ) );
endforeach;




Theme © iAndrew 2016 - Forum software by © MyBB