Generating access code

Question

I want to generate access code to the website I am making, and make it accessible only by that token. Now, I want the token to have particular information - email address, time +24hrs. I want to perform a cron job every hour to check whether those 24 hours have been reached and delete the token if it has.

I thought of using hash codes, but how can I retrieve information from a hash code? Is there such a function in php to decode a hash code? Because I couldn't find it...

If there isn't, what could be an alternative algorithm for generating access codes?

EDIT: I will use base64_encode(). Thanks

score 1 · Answer 1 · answered Oct 12 '12 at 10:52

1

Don't store the information in the token. Store the information in a database. The token should be randomly generated (and used as the key value).

(Hashes are designed to be one-way, you shouldn't be able to decode them).

answered Oct 12 '12 at 10:52

Quentin

914,110
126
1,211
1,335

I think I found what I was looking for. I am going to use base64_encode() – Lukas Bijaminas Oct 12 '12 at 10:59
@LukasBijaminas — Don't use base64_encode, it is a completely unnecessary leak of data. Use a random token. – Quentin Oct 12 '12 at 11:21

score 1 · Answer 2 · answered Oct 12 '12 at 10:52

You cannot reverse the process of hashing. The best you can do is a brute-force it which is hardly reliable.

You should create a hashed string and store it along with other info in a database. Then in your cron script, check against the database.

Generating access code

2 Answers2