Does CodeIgniter auto-hash?

I recently started learning the CodeIgniter framework and i was wondering about one thing:

Does CodeIgniter automatically hash passwords and such when you store them in 开发者_运维百科a database?

If so, how? and when?

Thanks

I'm not sure where you got that idea but: No, CodeIgniter itself does not magically hash or validate passwords for you - you must explicitly do it yourself. CI itself natively has no idea what your data is or what you want to do with it.

There are a few existing libraries you can use for hashing and/or authentication such as:

• Tank Auth
• Ion Auth
• Phpass (for any php project, for hashing)

It's common to suggest bcrypt for hashing, but it's often not available.

If you are using Datamapper ORM with CI, there are examples in the docs on how to hash passwords "automatically" when saving them by using a validation callback in your model.

You need to do it yourself. That said however, whilst functions like md5() and sha1() can be used for one way hashing Codeigniter also provides it's own implementation of sha1() for PHP installations without it.

See here http://codeigniter.com/user_guide/libraries/encryption.html

Remember to only use a one way hash for passwords though.

Ben