encrypt decode stopped working after server change

[eluser]Unknown[/eluser]
We have an app that requires the user email address to be encoded. The email is stored using encrypt->encode($user->email).

To retrieve the email we use encrypt->decode($user->email)

Everything was working perfect until we put the app onto a different server. Now when we attempt to decode any user email (that registered while the app was on the previous server) we get a bunch of special characters. Like the following:

�cQp.����h!��O���a^lʉ�I˓��f

Here is the strange part.

We can decode any user's email who registered after the server change. We cannot decode any user's email who registered before the server change.

Our assumption was that one server has mcrypt and the other did not (different encoding methods resulting in a failed decoding). This was not the case. Both servers have the exact same version of mcrypt enabled.

We also checked the following:
• The cipher and mode match on both servers
• Encoding in the app and DB are set to utf8.
• The encryption config key has not changed on either server.
• The email field allows more than 88 characters.

Does anyone have any idea what else could be going wrong here? Thanks for any help you can provide.

[eluser]CroNiX[/eluser]
you mentioned the mcrypt versions were the same, but are the php versions? I had this same trouble moving to a php 5.3 server from one with 5.2, which is where the passwords were originally generated.

[eluser]Unknown[/eluser]
It turns out that mcrypt wasn't on the server before but was recently added. Without mcrypt CI was using the XOR decode method. I thought we had already tried that but I made a mistake when using the _xor_decode method manually. You have to md5 the key before passing it to encrypt->_xor_decode($encoded_string, md5($key)).

You also have to base64_decode the encoded string before passing it to _xor_decode.

It's actually easier to just do this...

$this->encrypt->_mcrypt_exists = false;
$this->encrypt->decode($encoded_string);