2. PHPRunner General questions
  3. How to turn off password field encryption
This topic is locked

How to turn off password field encryption

 		10/29/2015 6:15:55 AM
PHPRunner General questions
A
 alanbolitho author

How do you turn off password encryption.
I have phprunner ver 8.0 build23504 x64 enterprise
I was using encrypt password in the project and I have decided to turn off password encryption so as to use mcrypt manually, however when I turn off all encryption it still encrypts the password field.
I suspect it is not encrypting but using md5 and/or hashing and not proper encryption. This project may have been started in some version pre-phprunner 6.1 when it used to use md5.
When I change the login password field to the phone number field (for example) it then encrypts the phone number of any newly created record.
How do I stop it encrypting / md5 / hashing or whatever it is doing?
Please help.
Sergey Kornilov admin 10/29/2015

There is an option that appears on 'Registration and passwords' screen that allows you to encrypt passwords. You need to turn it off.
Another option is to edit .phpr file manually. Here is the line you looking for:

<m_bEncryptPasswords>1</m_bEncryptPasswords>



change it to be

<m_bEncryptPasswords>0</m_bEncryptPasswords>
A
 		alanbolitho author 10/29/2015



There is an option that appears on 'Registration and passwords' screen that allows you to encrypt passwords. You need to turn it off.
Another option is to edit .phpr file manually. Here is the line you looking for:

<m_bEncryptPasswords>1</m_bEncryptPasswords>



change it to be

<m_bEncryptPasswords>0</m_bEncryptPasswords>



Thanks for the quick response.
Although the documentation indicates that there is an option to turn off the encryption. on my version there is not this option that you speak of.
I will try to do this manually and report back...
In the mean time: the following code seems to encrypt / decrypt the password field.
<?

$encryptionkey = "this is your key"; // must match the >>security>>encryption key

$iv = "12345678"; // must match the code found in cihererdes.php
function encrypt_data($text){

$encrypted_text = mcrypt_encrypt(MCRYPT_DES, $encryptionkey, $text, MCRYPT_MODE_CBC, $iv);

$encrypted_text = bin2hex($encrypted_text);

return $encrypted_text;

}
function decrypt_data($text){

$text = hex2bin($text);

$decrypted_text = mcrypt_decrypt(MCRYPT_DES, $encryptionkey, $text, MCRYPT_MODE_CBC, $iv);

return $decrypted_text;

}

?>