PHP Classes

EDCriptator: Store and check encrypted user passwords in MySQL

Recommend this page to a friend!
     
  Info   View files View files (4)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2024-01-09 (4 days ago) RSS 2.0 feedNot enough user ratingsTotal: 370 All time: 6,797 This week: 107Up
Version License PHP version Categories
edcriptator 1.10Public Domain5.0PHP 5, Cryptography, User Management, V..., S...
Description 

Author

Andoitz Jordan Marmolejo

This class can store and check encrypted user passwords in MySQL.

It can take given user password and update the user records in a given MySQL database table with an encrypted version of the password eventually using a temporal key specific for each user and and general key which is the same to all users.

The class can verify if a given user password is correct by decrypting the stored password.

The class also regenerate the encrypted passwords for all users.

The MySQL table to store user records, the table field names and the encryption keys are configurable parameters.

Picture of Andoitz Jordan Marmolejo
  Performance   Level  
Name: Andoitz Jordan Marmolejo <contact>
Classes: 7 packages by
Country: Spain Spain

Level 4 StarStarStarStar

 Innovation award
Innovation award
Nominee: 3x

Winner: 2x

Details

INFORMATION

	*** Script created by Andoitz Jordán ***
	
	Please visit http://www.andoitz.com for get more information.

	¿How to use it?
	1. Configure Mysql VARS:
		$this->config["dbu"] = "root"; //MYSQL USER
		$this->config["dbp"] = ""; //MYSQL PASSWORD
		$this->config["dbo"] = "EDCriptator"; //MYSQL DATABASE
		$this->config["dbh"] = "localhost"; //MYSQL HOST
		
	2. Configure User Table used by your users:
		$this->config["t"] = "{tableName}"; //MYSQL TABLE USER
		$this->config["tu"] = "{userColumn}"; //MYSQL TABLE USER COLUMN => [VARCHAR]
		$this->config["tp"] = "{passwordColumn}"; //MYSQL TABLE PASSWORD COLUMN	=> [VARCHAR]
		$this->config["tk"] = "{temporalKeyColumn}"; //MYSQL TABLE TEMPORAL KEY COLUMN => [VARCHAR]	
		$this->config["tig"] = "{idGeneralPasswordColumn}"; //MYSQL TABLE ID GENEREAL PASSWORD KEY COLUMN => [INTEGER]
	
	3. Configure The General Key. IMPORTANT: YOU CAN ADD A NEW GENERAL KEY WHEN YOU NEED REFRESH YOUR SECURITY
		$this->config["generalKey"] = array( 0=> 'ClaveGeneral123/()', 1 => 'newClave123()',2 => 'otraClave123()'); //ENCRYPTATION/DECRYPTATION CODE
	
	4. Create the class instance and use the functions
		$EDCriptator = new EDCriptator(); => Create instance
		$EDCriptator->setPassword('{user}','{password}'); => Set user password
		$EDCriptator->testPassword('{user}','{password}'); => Returns boolean. True = Password is OK
		$EDCriptator->decryptPassword('{user}'); => Returns the decrypted password
		$EDCriptator->updatePassword('{user}'); => Refresh the password allocated in the database with a new temporalKey and the last GeneralKey
		$EDCriptator->regenerateAllPasswords(); => Refresh the password allocated in the database with a new temporalKey and the last GeneralKey (for all users)
	
	
	- EVERY USER HAVE 1 UNIQUE temporalKey
	- ALL USERS MUST HAVE THE SAME GENERAL KEY FOR SECURITY BUT THEY CAN HAVE OTHER GENERAL KEY
		seed = enc(temporalKey,generalKey);
	- SEED IS CORRECT WITH THE ASSIGNED GENERAL KEY
	- GENERAL ID KEY IS RENEW TO THE LAST GENERAL KEY ID WHEN THE USER TRIES TO LOGIN
	- NEW GENERAL KEY MEANS THAT WE WILL CHANGE ALL PASSWORDS (SECURITY SYSTEM)
		savedPassword = enc(realPassword,seed);

EXAMPLES

*** Script created by Andoitz Jordán ***

Please visit http://www.andoitz.com for get more information.

	$EDCriptator = new EDCriptator();
	//$password = $EDCriptator->setPassword('andoitz','prueba');
	//if($EDCriptator->testPassword('andoitz','prueba')) echo 'Correct Password';
	//else echo 'Incorrect Password';
	//echo $EDCriptator->decryptPassword('andoitz');
	//$EDCriptator->updatePassword('andoitz');
	//$EDCriptator->regenerateAllPasswords();

  Files folder image Files  
File Role Description
Plain text file EDCriptator.php Class Script
Plain text file edcriptator.php Class Class source
Accessible without login Plain text file index.php Example Example script
Accessible without login Plain text file README.md Doc. Documentation

Downloadedcriptator-2024-01-09.zip
Downloadedcriptator-2024-01-09.tar.gz
Install with ComposerInstall with Composer
 Version Control Unique User Downloads Download Rankings  
 75%
Total:370
This week:0
All time:6,797
This week:107Up

  Applications that use this package  
No pages of applications that use this class were specified.

Add link image If you know an application of this package, send a message to the author to add a link here.


  Related pages  
Author Link Information