3

I am trying to login using codeigniter, but not able to do so. Then i tried to copy password from DB and pass it to dycription->decode() function, and it's returning empty string.

Here is the code

var_dump($this->encryption->decode('s0xxxxxxXjrUxxxxxxBTxxxxhc'));

output was: string(0) ""

And this code also returning empty strings

$decoded_password = $this->encryption->decode($encoded_password); 
$decoded_username = $this->encryption->decode($encoded_username);

What i am doing wrong here?

UPDATE: i tried encrypting a string and PRINT IT then decrypt and PRINT, After encryption it returns NULL/Empty and after decryption it returns NULL/Empty (Obvious). Code is below

$encval = $this->encryption->encode('codeigniter');
echo $encval.'  --  IT WAS --'.'codeigniter';
echo "<br>---------------------------------------------------<br>";
echo $this->encryption->decode($encval);

OUTPUT: ^Nothing

Improve this question
3
  • 1
    I would not use codeigniter encryption for password use php.net/manual/en/function.password-hash.php Commented Feb 7, 2017 at 7:59
  • That is okay, but i have got an already built system that is using CI encryption. Commented Feb 7, 2017 at 8:01
  • @NomanAli wolfgang1983 is correct, you should not store your passwords in such a way that they can be decrypted. The function he suggests is the correct approach. Commented Feb 8, 2017 at 5:55

4 Answers 4

Reset to default
2

I had come across this problem, too.. My problem arised from database column varchar lenght limitation.. So, cipher text stored with missing part.. I changed column lenght from 50 to 250 then default option decode and encode work correctly

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Look, there are 2 ways to use encryption in CI and both should not be used for password(use hashing). First find out which one was used to encrypt the password and then stored in DB.Also, its possible some kind of KEY may have been used while encrypting the password check this too.

Below are the 2 encryption libs available in CI.

1.Encrypt class : https://www.codeigniter.com/user_guide/libraries/encrypt.html

2.Encryption Lib: https://www.codeigniter.com/user_guide/libraries/encryption.html

Improve this answer

7 Comments

Following, Please Check $password = $this->input->post('password'); // that's what the user enters on the registration form $encrypted_password = $this->encryption->encode($password); // our encrypted password
So Encryption is used.
Try, $plain_text = 'This is a plain-text message!'; $ciphertext = $this->encryption->encrypt($plain_text); // Outputs: This is a plain-text message! echo $this->encryption->decrypt($ciphertext);
have you include encryption library in your controller?
add this to you function/class construct : $this->load->library('encryption');
|
1

I have resolved this issue by using Encryption library of Codeigniter, currently used library in my application was a little modified so it broke. now 

$this->encryption->decrypt($cipher-text);
$this->encryption->encrypt($plain-text);

This is working perfectly. I had to replace all encodes / decodes with encrypt / decrypt.

Thanks for your time guyz

Improve this answer

Comments

0

Note*: You might require to load the driver if no driver is loaded

$this->encryption->initialize(
  array(
    'driver' => 'openssl',
    'cipher' => 'aes-256',
    'mode' => 'ctr',
    'key' => '123456' // OR any hash if empty then takes from config file
  )
);

// Switch to the MCrypt driver

$this->encryption->initialize(array('driver' => 'mcrypt'));

// Switch back to the OpenSSL driver

$this->encryption->initialize(array('driver' => 'openssl'));

reference: https://codeigniter.com/userguide3/libraries/encryption.html

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.