I have google this alot, but unfortunatilty found no working solution.
I know its a bad technique, but I need to send user its password by email.
I have manage to sent user Hash password, but i am unable to decrypt this password.
The following is the procedure i am using.
$results = DB::select("select * from dockl_users where email='" . Input::get('email') ."';");
foreach($results as $data){
$password= $data->password;
$email= $data->email;
}
Mail::send('passwordRecovery', array('email' =>$password), function($message)
{
$message->to(Input::get('email') )->subject('Password Recovery');
});
The above code send Encrypted
password to the user by email but when i try to decrypt, it gives me following error message.
$decrypt= Crypt::decrypt($data->password);
Invalid data.
throw new DecryptException("Invalid data.");
Kindly guide me how to achieve this..
This question is related to
php
laravel
encryption
Short answer is that you don't 'decrypt' the password (because it's not encrypted - it's hashed).
The long answer is that you shouldn't send the user their password by email, or any other way. If the user has forgotten their password, you should send them a password reset email, and allow them to change their password on your website.
Laravel has most of this functionality built in (see the Laravel documentation - I'm not going to replicate it all here. Also available for versions 4.2 and 5.0 of Laravel).
For further reading, check out this 'blogoverflow' post: Why passwords should be hashed.
For compare hashed password with the plain text password string you can use the PHP password_verify
if(password_verify('1234567', $crypt_password_string)) {
// in case if "$crypt_password_string" actually hides "1234567"
}
Source: Stackoverflow.com