Click here to Skip to main content
15,112,662 members
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
I want to hash my passwords in codeigniter.I can't find a way around it
this is my insert model.the password is encrypted when inserting the client details.
I cant decrypt it when logging in

What I have tried:

<pre>public function insert_client($codeDigits)
    {
      $hash = $this->hash($_POST['Password']);
        $response = $this->taken_email($_POST['Email']);
        if($response){
            $returned = false;
        }else{
                $this->FirstName    = $_POST['FirstName']; // please read the below note
                $this->LastName    = $_POST['LastName'];
                $this->Email     = $_POST['Email'];  
                $this->Role_Id     = 2;  
                $this->Password = $hash;
                $this->PhoneNo    = $_POST['PhoneNo'];
                $this->confirmCode    = $codeDigits;
                $this->db->insert('users', $this);


                $returned = true;
            }
            
            return $returned;
        }


this is my password hash model
public function hash($password)
   {
       $hash = password_hash($password,PASSWORD_DEFAULT);
       return $hash;
   }

   //verify password
   public function verifyHash($password,$vpassword)
   {
       if(password_verify($password,$vpassword))
       {
           return TRUE;
       }
       else{
           return FALSE;
       }
   }



during login i can't decrypt the password,the password get encrypted in the database correctly anyway.
public function login_model($email,$password)
   {
    
       $this->db->select('*');
       $this->db->from('users');
       $this->db->where(' Email',$email);
       $this->db->where('Password',$password);
       $this->db->where('Role_Id !=',1);
       $query = $this->db->get();

       if($query->num_rows() > 0)
       {
           $results = $query->row(); 
           // storing the results in the variable $data

           foreach($results as $data)
           {
               if($this->verifyHash($this->$password,$data->password == TRUE))
               {
                   $dat = array(
                'id_user' => $data->id_User,
                'FirstName' => $data->FirstName,
                'LastName' => $data->LastName,
                'Phonenumber' => $data->PhoneNo,                  
                'Email' => $data->Email,
                'role' => $data->Role_Id,
                'imageUrl' => $data->imageUrl,
                'category_id' => $data->category_id,
                'IdType' => $data->IdType,
                'IdNumber' => $data->IdNumber,
                'DOB' => $data->DOB,
                'confirmCode' => $data->confirmCode,
                'confirmed' => $data->confirmed,
                'Points'=> $data->Points                  
                   );
                }
            
               $this->session->set_userdata($dat); 
              return true;
            }        
       }
       else{
           return false;
        }
       
   }


this is my login function in the controller
public function post_login()
	{

		$this->form_validation->set_rules('Email', 'Email', 'trim|required|min_length[6]');
		$this->form_validation->set_rules('Password', 'Password', 'trim|required|min_length[6]');

		if($this->form_validation->run() == TRUE ){ 
			if($this->Users_model->login_model($_POST['Email'],$_POST['Password'])){
                //test for redirect
            if($_SESSION['confirmed'] == true) {
                if ($_SESSION['role'] == 2) {


                    redirect("Client/welcome");

                } else if ($_SESSION['role'] == 3) {

                    redirect("Pro/welcome");

                }

            }else{
                    redirect("Welcome/confirmCode");
            }

                // test for redirect
			}else{
				// 
				$this->session->set_flashdata('err', true);
				redirect("Welcome/login");
			}

		}else{

			$this->login();
		}
	}

How can I decrypt the password when logging in.
Posted
Updated 30-Jul-20 19:48pm

Quote:
he password is encrypted when inserting the client details.
I cant decrypt it when logging in

No ! the password is not encrypted, it is hashed, and those are 2 different beasts.
By design, hash can not be reversed.
Hash function - Wikipedia[^]
   
Comments
Member 13053943 6-Jun-18 10:19am
   
@ppolymophe can you help me to hash the password when they enter it,compare it with the one in the database so they can log in
Richard Deeming 6-Jun-18 10:56am
   
Remove the password filter from your query, since the raw password will never match the hashed password:
$this->db->where('Password',$password);


You also seem to have a parenthesis in the wrong position:
if($this->verifyHash($this->$password,$data->password == TRUE))
should be:
if($this->verifyHash($this->$password,$data->password) == TRUE)
Member 13053943 8-Jun-18 6:37am
   
thank you.i get your idea but it still didn't work
i removed this from the query
$this->db->where('Password',$password);


and also changed
if($this->verifyHash($this->$password,$data->password) == TRUE)


to:
if($this->verifyHash($password,$data->Password) == TRUE)
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900