Click here to Skip to main content
15,877,103 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
I want to hash my passwords in codeigniter.I can't find a way around it
this is my insert model.the password is encrypted when inserting the client details.
I cant decrypt it when logging in

What I have tried:

<pre>public function insert_client($codeDigits)
    {
      $hash = $this->hash($_POST['Password']);
        $response = $this->taken_email($_POST['Email']);
        if($response){
            $returned = false;
        }else{
                $this->FirstName    = $_POST['FirstName']; // please read the below note
                $this->LastName    = $_POST['LastName'];
                $this->Email     = $_POST['Email'];  
                $this->Role_Id     = 2;  
                $this->Password = $hash;
                $this->PhoneNo    = $_POST['PhoneNo'];
                $this->confirmCode    = $codeDigits;
                $this->db->insert('users', $this);


                $returned = true;
            }
            
            return $returned;
        }


this is my password hash model
public function hash($password)
   {
       $hash = password_hash($password,PASSWORD_DEFAULT);
       return $hash;
   }

   //verify password
   public function verifyHash($password,$vpassword)
   {
       if(password_verify($password,$vpassword))
       {
           return TRUE;
       }
       else{
           return FALSE;
       }
   }



during login i can't decrypt the password,the password get encrypted in the database correctly anyway.
public function login_model($email,$password)
   {
    
       $this->db->select('*');
       $this->db->from('users');
       $this->db->where(' Email',$email);
       $this->db->where('Password',$password);
       $this->db->where('Role_Id !=',1);
       $query = $this->db->get();

       if($query->num_rows() > 0)
       {
           $results = $query->row(); 
           // storing the results in the variable $data

           foreach($results as $data)
           {
               if($this->verifyHash($this->$password,$data->password == TRUE))
               {
                   $dat = array(
                'id_user' => $data->id_User,
                'FirstName' => $data->FirstName,
                'LastName' => $data->LastName,
                'Phonenumber' => $data->PhoneNo,                  
                'Email' => $data->Email,
                'role' => $data->Role_Id,
                'imageUrl' => $data->imageUrl,
                'category_id' => $data->category_id,
                'IdType' => $data->IdType,
                'IdNumber' => $data->IdNumber,
                'DOB' => $data->DOB,
                'confirmCode' => $data->confirmCode,
                'confirmed' => $data->confirmed,
                'Points'=> $data->Points                  
                   );
                }
            
               $this->session->set_userdata($dat); 
              return true;
            }        
       }
       else{
           return false;
        }
       
   }


this is my login function in the controller
public function post_login()
	{

		$this->form_validation->set_rules('Email', 'Email', 'trim|required|min_length[6]');
		$this->form_validation->set_rules('Password', 'Password', 'trim|required|min_length[6]');

		if($this->form_validation->run() == TRUE ){ 
			if($this->Users_model->login_model($_POST['Email'],$_POST['Password'])){
                //test for redirect
            if($_SESSION['confirmed'] == true) {
                if ($_SESSION['role'] == 2) {


                    redirect("Client/welcome");

                } else if ($_SESSION['role'] == 3) {

                    redirect("Pro/welcome");

                }

            }else{
                    redirect("Welcome/confirmCode");
            }

                // test for redirect
			}else{
				// 
				$this->session->set_flashdata('err', true);
				redirect("Welcome/login");
			}

		}else{

			$this->login();
		}
	}

How can I decrypt the password when logging in.
Posted
Updated 30-Jul-20 18:48pm

Quote:
he password is encrypted when inserting the client details.
I cant decrypt it when logging in

No ! the password is not encrypted, it is hashed, and those are 2 different beasts.
By design, hash can not be reversed.
Hash function - Wikipedia[^]
 
Share this answer
 
Comments
Member 13053943 6-Jun-18 10:19am    
@ppolymophe can you help me to hash the password when they enter it,compare it with the one in the database so they can log in
Richard Deeming 6-Jun-18 10:56am    
Remove the password filter from your query, since the raw password will never match the hashed password:
$this->db->where('Password',$password);


You also seem to have a parenthesis in the wrong position:
if($this->verifyHash($this->$password,$data->password == TRUE))
should be:
if($this->verifyHash($this->$password,$data->password) == TRUE)
Member 13053943 8-Jun-18 6:37am    
thank you.i get your idea but it still didn't work
i removed this from the query
$this->db->where('Password',$password);


and also changed
if($this->verifyHash($this->$password,$data->password) == TRUE)


to:
if($this->verifyHash($password,$data->Password) == TRUE)
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900