I am trying to convert md5 to bcrypt

General PHP Help
#1

i have this login method its right now getting password from db in md5, but i want it to recognize bcrypt hash from db and then login, i am using CI framework

This is my login controller

public function login()
{
$this->form_validation->set_rules(‘username’, ‘’.$this->lang->line(“email”).’’, ‘trim|required|valid_email’);
$this->form_validation->set_rules(‘password’, ‘’.$this->lang->line(“password”).’’, ‘trim|required’);

    if ($this->form_validation->run() == false)
    $this->login_page();

    else
    {
        $this->csrf_token_check();

        $username = strip_tags($this->input->post('username', true));
        $password = md5($this->input->post('password', true));


            if ($this->session->userdata('logged_in') == 1 && $this->session->userdata('user_type') == 'Admin')
            {
                redirect('dashboard', 'location');
            }
            if ($this->session->userdata('logged_in') == 1 && $this->session->userdata('user_type') == 'Member')
            {
                redirect('dashboard', 'location');
            }
        }
    }
}

And i think it is getting password hash from “system/core/compat/hash”

#2

These days, we just use PHP’s password_hash() and password_verify for password saving.
It was upgraded a long time ago to be more simple and secure. You can set how long the has is
which allows you to use longer values which makes it harder to hack. If you need to use a certain
encryption, you can also set it. And, for rehashing, use password_rehash. A lot of us rehash every
time a user logs in to make sure the hash is altered which interferes with robots attempting to hack them.
Look into these. There are tons of examples and once you have code post it here if it doesn’t work for you.

Sponsor our Newsletter | Privacy Policy | Terms of Service