Hi there,
Great library. I have everything working except:
One of my text fields is a password field. When my user hits update or add, I need to md5 encode the password before updating or inserting into the db.
Can you give an example of how to do this with the appropriate callback?
Also, if I want to decode the password to display to the user, how would I do that?
many thanks!
Bill
[EXAMPLE] Password field and password encryption/decryption
Started by wclark, 30 January 2012 - 16:38 PM
- Single Page
wclark
-
- Member
Posted 30 January 2012 - 16:38 PM
web-johnny
-
- Administrator
-
- 1,166 posts
Posted 30 January 2012 - 20:55 PM
[quote name='wclark' timestamp='1327941520' post='378']
Hi there,
Great library. I have everything working except:
One of my text fields is a password field. When my user hits update or add, I need to md5 encode the password before updating or inserting into the db.
Can you give an example of how to do this with the appropriate callback?
Also, if I want to decode the password to display to the user, how would I do that?
many thanks!
Bill
[/quote]
Hello Bill,
Believe it or not , I have answer many times this question. But I really don't find ANY example to give you . So I will have a full example of what to do step by step so other people can use this post and help them.
First of all just to mention that it's not a good way to encrypt and decrypt a password. The best way it's just to encrypt your code and if someone wants to just reset his password. Below I have an example of a very simple encryption and decryption. The thing is to get the idea of how to use callbacks and of course you can change it with your needs.
Step 1. Let's do our field a password field . This will be with a simple line of code.
So for now we just need to encrypt and decrypt our password. We have to use two callbacks. The first one is the: callback_before_insert and the callback_before_update. A quick way to use the same callback twice is this:
and the callback will be:
Now the only thing we need is a callback_edit_field just to decrypt the password. So your callback will be:
and the callback will be:
And of course because I understand that everyone (included me) want just a copy paste I have a full example below:
I have to mention that the example is not a working example and i just created for this topic so if you find something wrong just send it.
Hi there,
Great library. I have everything working except:
One of my text fields is a password field. When my user hits update or add, I need to md5 encode the password before updating or inserting into the db.
Can you give an example of how to do this with the appropriate callback?
Also, if I want to decode the password to display to the user, how would I do that?
many thanks!
Bill
[/quote]
Hello Bill,
Believe it or not , I have answer many times this question. But I really don't find ANY example to give you . So I will have a full example of what to do step by step so other people can use this post and help them.
First of all just to mention that it's not a good way to encrypt and decrypt a password. The best way it's just to encrypt your code and if someone wants to just reset his password. Below I have an example of a very simple encryption and decryption. The thing is to get the idea of how to use callbacks and of course you can change it with your needs.
Step 1. Let's do our field a password field . This will be with a simple line of code.
$crud->change_field_type('password_field','password');
So for now we just need to encrypt and decrypt our password. We have to use two callbacks. The first one is the: callback_before_insert and the callback_before_update. A quick way to use the same callback twice is this:
$crud->callback_before_insert(array($this,'encrypt_password_callback'));
$crud->callback_before_update(array($this,'encrypt_password_callback'));
and the callback will be:
.
function encrypt_password_callback($post_array, $primary_key = null)
{
$this->load->library('encrypt');
$key = 'super-secret-key';
$post_array['password_field'] = $this->encrypt->encode($post_array['password_field'], $key);
return $post_array;
}
Now the only thing we need is a callback_edit_field just to decrypt the password. So your callback will be:
$crud->callback_edit_field('password_field',array($this,'decrypt_password_callback'));
and the callback will be:
function decrypt_password_callback($value)
{
$this->load->library('encrypt');
$key = 'super-secret-key';
$decrypted_password = $this->encrypt->decode($value, $key);
return "<input type='password' name='password_field' value='$decrypted_password' />";
}
And of course because I understand that everyone (included me) want just a copy paste I have a full example below:
public function users(){
$crud = new grocery_CRUD();
$crud->set_table('db_user');
$crud->set_subject('User');
$crud->required_fields('user_name');
$crud->columns('user_name','email','real_name','active', 'groups');
$crud->fields('user_name','email','password','real_name','active', 'groups');
$crud->change_field_type('password', 'password');
$crud->callback_before_insert(array($this,'encrypt_password_callback'));
$crud->callback_before_update(array($this,'encrypt_password_callback'));
$crud->callback_edit_field('password',array($this,'decrypt_password_callback'));
$output = $crud->render();
$this->_example_output($output);
}
function encrypt_password_callback($post_array, $primary_key = null)
{
$this->load->library('encrypt');
$key = 'super-secret-key';
$post_array['password'] = $this->encrypt->encode($post_array['password'], $key);
return $post_array;
}
function decrypt_password_callback($value)
{
$this->load->library('encrypt');
$key = 'super-secret-key';
$decrypted_password = $this->encrypt->decode($value, $key);
return "<input type='password' name='password' value='$decrypted_password' />";
}
I have to mention that the example is not a working example and i just created for this topic so if you find something wrong just send it.
wclark
-
- Member
Posted 01 February 2012 - 00:18 AM
Thanks man! I agree that passwords should be one way hashed. I asked for an example of encode/decode for fields like credit card numbers.
Here is a working callback function for hashing passwords:
Here is a working callback function for hashing passwords:
function encode_password_callback($post_array, $primary_key = null)
{
$params = array(0 => 8, 1 => TRUE);
$this->load->library('passwordhash', $params);
$post_array['mypassword'] = $this->passwordhash->HashPassword($post_array['mypassword']);
return $post_array;
}
kenvogt
-
- Member
Posted 24 May 2012 - 19:12 PM
Couldn't you just do something as simple as:
?
->set_rules('password','Password','md5')
?
wclark
-
- Member
Posted 24 May 2012 - 19:50 PM
Maybe. If you have existing data already encrypted, you may want to use an existing encryption/decryption function.
wclark
-
- Member
Posted 24 May 2012 - 20:08 PM
What about the case where you have stored the hashed value of a password field using callback_before_update?
Then later, in edit, the password field should be loaded as blank instead of loading the hash and the rest of the fields should be able to be saved without providing a new password, and without overwriting the existing password in the db.
Finally, if a new password is entered, then the password is updated in the db.
Any ideas how to accomplish this?
Then later, in edit, the password field should be loaded as blank instead of loading the hash and the rest of the fields should be able to be saved without providing a new password, and without overwriting the existing password in the db.
Finally, if a new password is entered, then the password is updated in the db.
Any ideas how to accomplish this?
web-johnny
-
- Administrator
-
- 1,166 posts
Posted 26 May 2012 - 20:14 PM
Well you can do it with easily with callback_before_update and callback_before_insert. Perhaps when I will find some time I will add an example for this.
xcoder
-
- Member
Posted 01 June 2012 - 15:51 PM
[quote name='kenvogt' timestamp='1337886737' post='1951']
Couldn't you just do something as simple as:
?
[/quote]
You cant do that to save the password in encrypted form
Couldn't you just do something as simple as:
->set_rules('password','Password','md5')
?
[/quote]
You cant do that to save the password in encrypted form
Ibaris
-
- Member
Posted 11 June 2012 - 14:05 PM
Hello,
for encode the password in md5 I used this in my controller
I hope that's useful
for encode the password in md5 I used this in my controller
function encrypt_password($post_array, $primary_key = null)
{
$this->load->helper('security');
$post_array['password'] = do_hash($post_array['password'], 'md5');
return $post_array;
}
function usuarios_management()
{
$crud = new grocery_CRUD();
$crud->set_table('users');
$crud->columns('name','email','password','conocido','fecha_alta');
$crud->set_subject('Usuarios');
$crud->callback_before_insert(array($this,'encrypt_password'));
$output = $crud->render();
$this->_main_output($output);
}
I hope that's useful
fdias
-
- Member
Posted 11 June 2012 - 19:56 PM
As pointed by web-johnny in case of password is best to use hash.
Here's how Im dealing with it:
on the crud funtion I have:
Then I have the encrypt_pw function as below:
Here's how Im dealing with it:
on the crud funtion I have:
$crud->callback_before_insert(array($this,'encrypt_pw'));
Then I have the encrypt_pw function as below:
function encrypt_pw($post_array) {
if(!empty($post_array['password'])) {
$post_array['password'] = SHA1($_POST['password']);
}
return $post_array;
}
rikoy
-
- Member
Posted 28 June 2012 - 16:59 PM
[quote name='Ibaris' timestamp='1339423554' post='2248']
Hello,
for encode the password in md5 I used this in my controller
I hope that's useful
[/quote]
thanks it work
Hello,
for encode the password in md5 I used this in my controller
function encrypt_password($post_array, $primary_key = null)
{
$this->load->helper('security');
$post_array['password'] = do_hash($post_array['password'], 'md5');
return $post_array;
}
function usuarios_management()
{
$crud = new grocery_CRUD();
$crud->set_table('users');
$crud->columns('name','email','password','conocido','fecha_alta');
$crud->set_subject('Usuarios');
$crud->callback_before_insert(array($this,'encrypt_password'));
$output = $crud->render();
$this->_main_output($output);
}
I hope that's useful
[/quote]
thanks it work
Phichya Laemluang
-
- Member
Posted 19 February 2013 - 16:00 PM
Hello,
for encode the password in md5 I used this in my controllerfunction encrypt_password($post_array, $primary_key = null) { $this->load->helper('security'); $post_array['password'] = do_hash($post_array['password'], 'md5'); return $post_array; } function usuarios_management() { $crud = new grocery_CRUD(); $crud->set_table('users'); $crud->columns('name','email','password','conocido','fecha_alta'); $crud->set_subject('Usuarios'); $crud->callback_before_insert(array($this,'encrypt_password')); $output = $crud->render(); $this->_main_output($output); }
I hope that's useful
Thank you
wclark
-
- Member
Posted 19 February 2013 - 16:04 PM
Thanks Phichya,
I will try this. Also, I will add callback_before_update code to handle updates of existing records.
:D
mascha
-
- Member
Posted 04 October 2017 - 23:04 PM
Hi There,
i add line as below, but nor work and show error "an error has occured on insert", but when i remove row 1 or 2 error not show, how to add 2 callback_before_insert?
$crud->callback_before_insert(array($this,'unset_verification'));
$crud->callback_before_insert(array($this,'encrypt_password_callback'));
$crud->callback_before_update(array($this,'unset_verification'));
Chan Chea
-
- Member
Posted 19 October 2018 - 09:49 AM
Hi admin,
I already copy your code and replace it into my function, but it still doesn't work.
Could you help on this?
public function testing_grocery2()
{
$crud = new grocery_CRUD();
$this->load->config('grocery_crud');
$this->config->set_item('grocery_crud_file_upload_allow_file_types',
'gif|jpeg|jpg|png');
$crud->set_theme('flexigrid');
$crud->set_table('testing_grocery');
$crud->fields('Name','Age','Gender','password','Description','photo');
$crud->unset_columns('password');
$crud->display_as('Name','Student Name')
->display_as('Age','Student Age')
->display_as('Gender','Student Gender');
$crud->change_field_type('password', 'password');
$crud->callback_before_insert(array($this,'encrypt_password_callback'));
$crud->callback_before_update(array($this,'encrypt_password_callback'));
$crud->callback_edit_field('password',array($this,'decrypt_password_callback'));
function encrypt_password_callback($post_array, $primary_key = null)
{
$this->load->library('encrypt');
$key = 'super-secret-key';
$post_array['password'] = $this->encrypt->encode($post_array['password'], $key);
return $post_array;
}
function decrypt_password_callback($value)
{
$this->load->library('encrypt');
$key = 'super-secret-key';
$decrypted_password = $this->encrypt->decode($value, $key);
return "<input type='password' name='password' value='$decrypted_password' />";
}