Codeigniter cannot decode the encrypted password

Question

I made a login form where the user submit his username and password. If the username exist I decode the password and check if is the same as the submitted password.

// This is from db

string(50) "v+bNPHNWHGQbcxrvu1vN8Ty++cMq0oEeaZesvfCfsLgNAFgZno"

// And this is after decode the string above

string(32) "�� U�U{q�0�4��è€UC��o�/�*�."

But it should return 123456

For encode I use

$this->encrypt->encode('123456');

And this is secret key

$config['encryption_key'] = 'kRlaMneym7rF';

// Edit

The problem was that password field was set to varchar 50

Answer 1

Please check your codeigniter charset in config

$config['charset'] = 'UTF-8';

versus the charset of your database. Your conflict is probably coming from there.

Put Codeigniter to test and see if it return the right result. Try hard-coding like before or copy and test this in your controller.

function testencrypting(){
  $str = '12345';
  $key = 'my-secret-key';
  $encrypted = $this->encrypt->encode($str, $key);
  echo $this->encrypt->decode($encrypted, $key);
  exit;

}

Mine produce the expected result: 12345. If that works, then your problem is possibly CHARACTER SET (CHARSET). I'm using an encryption key here. You could use the default in config by leaving out the second parameter in encode and decode.

Let me know if that helped

Answer 2

You want to hash, rather than encrypt, and you can do this with CodeIgniter's encrypt library which uses SHA1 for hashing.

$password = $this->encrypt->sha1('123456');

This would return 7c4a8d09ca3762af61e59520943dc26494f8941b, which is what would be stored in the database.

You cannot un hash a password - you want to check the hashed input against the hash in the database.

Answer 3

Have you tried:

$this->encrypt->decode($string);

Answer 4

A possible cause could be the length of that field in your database, that was my case. I had a field too short.