Okay, this is just the bare bones process. If you want a full example, then the preceding recipe is for you. This recipe is for people who already have a create-user process, but wish to integrate some password protection into an existing process.
If you don't need the preceding recipe and only require the bare bones of hashing/comparing; please refer to the following steps:
To generate a hash, perform the following steps:
$config['encryption_key']
as follows: // Call Encrypt library $this->load->library('encrypt'), $hash = $this->encrypt->sha1($text_to_be_hashed);
$config['encryption_key']
as follows:// Call Encrypt library $this->load->library('encrypt'), $key = "This-is-the-key"; $hash = $this->encrypt->sha1($text_to_be_hashed, $key);
The hash values are compared as follows:
// Call Encrypt library $this->load->library('encrypt'), // Generate hash from a their password $hash = $this->encrypt->sha1($password); // Compare the generated hash with that in the database if ($hash != $row->user_hash) { // Didn't match so send back to login redirect('signin/login'), } else { // Did match so log them in if you wish }
Generating a hash with the $config['encryption_key'] value: First, we load the encrypt library with $this->load->library('encrypt')
, then we call the sha1
function in the encrypt library and pass to it the, $text_to_be_hashed
variable. The key used to encrypt the $text_to_be_hashed string
, comes from the value set in the config array item, $config['encryption_key']
, in the config.php
file. $this->encrypt->sha1($text_to_be_hashed)
will return a string that we'll store in the, $hash
variable.
Generating a hash without the $config['encryption_key'] value (that is adding a second parameter): First, we load the encrypt library with $this->load->library('encrypt')
, then we call the sha1
function in the encrypt library and pass to it the, $text_to_be_hashed
, and also an encryption key as a second parameter:
$this->encrypt->sha1($text_to_be_hashed, $key)
Adding this key as a second parameter ($key
) will cause CodeIgniter to use that key rather than any value set in $config['encryption_key']
. $this->encrypt->sha1($text_to_be_hashed, $key)
will return a string that we'll store in the variable, $hash
.
After loading the encryption support library with $this->load->library('encrypt')
, a string of text (in this case, in the, $password
variable) is passed to the sha1
function in the encrypt library, storing its product in the, $hash
variable. We can now use this variable to compare a stored value, such as from a database select result. In this example, we compare $hash
with the value in $row->user_hash
. If they do not match, we send redirect()
to the login screen, but you could easily code any action, such as logging the event or displaying a message rather than a redirect. If the $hash
and $row->user_hash
values do match, then you could perform an action based on this confirmation; an example would be logging the user in.
3.147.104.248