Search code examples
phpauthenticationpostencryptioncodeigniter-4

How to insert new user data into database in codeigniter 4

I am trying to post user data into the database but I got an error on the password section, please help 

Call to undefined method App\Controllers\Register::encrypt()

the model

 public function register()
    {
        $model = new RegisterModel();

        if (!$this->validate([
            'username' => 'required|min_length[3]|max_length[25]',
            'password'  => 'required',
            'user_phone' => 'required|min_length[11]|max_length[11]'

        ])) {
            echo view('templates/header', ['page_title' => 'Register']);
            echo view('dashboard/register');
            echo view('templates/footer');
        } else {
            $model->save([
                'username' => $this->request->getVar('username'),
                'password'  => $this->encryption->encrypt($this->input->post('password')),
                'user_phone'  => $this->request->getVar('user_phone'),
            ]);

            echo view('news/success');
        }
    }

and this is not reporting anything if a user already exists

<?= \Config\Services::validation()->listErrors(); ?>
Solution

  • Go to app/config/encryption.php and set your secret key and driver.

    or

    You can replace the config file’s settings by passing a configuration object of your own to the Services call. The $config variable must be an instance of either the Config\Encryption class or an object that extends CodeIgniter\Config\BaseConfig.

    $config         = new Config\Encryption();
$config->key    = 'aBigsecret_ofAtleast32Characters';
$config->driver = 'OpenSSL';
$encrypter = \Config\Services::encrypter($config);

    By the way codeigniter documnentation says:

    DO NOT use this or any other encryption library for password storage! Passwords must be hashed instead, and you should do that through PHP’s Password Hashing extension.

    password_hash() creates a new password hash using a strong one-way hashing algorithm. password_hash() is compatible with crypt(). Therefore, password hashes created by crypt() can be used with password_hash().

    Various hash algorithms are supported by password_hash you can use anyone of them, here is an example.

     $hashedpass = password_hash($password, PASSWORD_ARGON2I);

    To verify your password on login for example, use password_verify function it took the users password and the hash and returns boolean value.

     password_verify($usepassword, $hash));

    For more details about hashing passwords see this link: https://www.php.net/manual/en/function.password-hash.php