PHP Classes
elePHPant
Icontem

EDCriptator: Store and check encrypted user passwords in MySQL

Recommend this page to a friend!
  Info   View files View files (4)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2014-06-05 (2 years ago) RSS 2.0 feedNot enough user ratingsTotal: 334 This week: 1All time: 6,714 This week: 963Up
Version License PHP version Categories
edcriptator 1.1Public Domain5.0PHP 5, Cryptography, User Management, V..., S...
Description Author

This class can store and check encrypted user passwords in MySQL.

It can take given user password and update the user records in a given MySQL database table with an encrypted version of the password eventually using a temporal key specific for each user and and general key which is the same to all users.

The class can verify if a given user password is correct by decrypting the stored password.

The class also regenerate the encrypted passwords for all users.

The MySQL table to store user records, the table field names and the encryption keys are configurable parameters.

Picture of Andoitz Jordan Marmolejo
  Performance   Level  
Name: Andoitz Jordan Marmolejo <contact>
Classes: 7 packages by
Country: Spain Spain
Age: 26
All time rank: 107523 in Spain Spain
Week rank: 51 Up1 in Spain Spain Up
Innovation award
Innovation award
Nominee: 3x

Winner: 2x

Details
INFORMATION

	*** Script created by Andoitz Jordán ***
	
	Please visit http://www.andoitz.com for get more information.

	¿How to use it?
	1. Configure Mysql VARS:
		$this->config["dbu"] = "root"; //MYSQL USER
		$this->config["dbp"] = ""; //MYSQL PASSWORD
		$this->config["dbo"] = "EDCriptator"; //MYSQL DATABASE
		$this->config["dbh"] = "localhost"; //MYSQL HOST
		
	2. Configure User Table used by your users:
		$this->config["t"] = "{tableName}"; //MYSQL TABLE USER
		$this->config["tu"] = "{userColumn}"; //MYSQL TABLE USER COLUMN => [VARCHAR]
		$this->config["tp"] = "{passwordColumn}"; //MYSQL TABLE PASSWORD COLUMN	=> [VARCHAR]
		$this->config["tk"] = "{temporalKeyColumn}"; //MYSQL TABLE TEMPORAL KEY COLUMN => [VARCHAR]	
		$this->config["tig"] = "{idGeneralPasswordColumn}"; //MYSQL TABLE ID GENEREAL PASSWORD KEY COLUMN => [INTEGER]
	
	3. Configure The General Key. IMPORTANT: YOU CAN ADD A NEW GENERAL KEY WHEN YOU NEED REFRESH YOUR SECURITY
		$this->config["generalKey"] = array( 0=> 'ClaveGeneral123/()', 1 => 'newClave123()',2 => 'otraClave123()'); //ENCRYPTATION/DECRYPTATION CODE
	
	4. Create the class instance and use the functions
		$EDCriptator = new EDCriptator(); => Create instance
		$EDCriptator->setPassword('{user}','{password}'); => Set user password
		$EDCriptator->testPassword('{user}','{password}'); => Returns boolean. True = Password is OK
		$EDCriptator->decryptPassword('{user}'); => Returns the decrypted password
		$EDCriptator->updatePassword('{user}'); => Refresh the password allocated in the database with a new temporalKey and the last GeneralKey
		$EDCriptator->regenerateAllPasswords(); => Refresh the password allocated in the database with a new temporalKey and the last GeneralKey (for all users)
	
	
	- EVERY USER HAVE 1 UNIQUE temporalKey
	- ALL USERS MUST HAVE THE SAME GENERAL KEY FOR SECURITY BUT THEY CAN HAVE OTHER GENERAL KEY
		seed = enc(temporalKey,generalKey);
	- SEED IS CORRECT WITH THE ASSIGNED GENERAL KEY
	- GENERAL ID KEY IS RENEW TO THE LAST GENERAL KEY ID WHEN THE USER TRIES TO LOGIN
	- NEW GENERAL KEY MEANS THAT WE WILL CHANGE ALL PASSWORDS (SECURITY SYSTEM)
		savedPassword = enc(realPassword,seed);

EXAMPLES

*** Script created by Andoitz Jordán ***

Please visit http://www.andoitz.com for get more information.

	$EDCriptator = new EDCriptator();
	//$password = $EDCriptator->setPassword('andoitz','prueba');
	//if($EDCriptator->testPassword('andoitz','prueba')) echo 'Correct Password';
	//else echo 'Incorrect Password';
	//echo $EDCriptator->decryptPassword('andoitz');
	//$EDCriptator->updatePassword('andoitz');
	//$EDCriptator->regenerateAllPasswords();
  Files folder image Files  
File Role Description
Plain text file EDCriptator.php Class Script
Plain text file edcriptator.php Class Class source
Accessible without login Plain text file index.php Example Example script
Accessible without login Plain text file README.md Doc. Documentation

 Version Control Unique User Downloads Download Rankings  
 75%
Total:334
This week:1
All time:6,714
This week:963Up