Request a little guidance with Database and Decryption please.

[IChaps]

Hello.

I'd just like to enquire about loading a record/entry from a database and decryption.  Encryption is fine.

To start with I'm rebuilding my login/sign in file (signin.php) to load a record from the registration database, then decrypt the record, to check the email and password fields.

All I wanted to enquire is, should I place the decryption code in the signin.php file, or because I'll be accessing the registration database later on in my project as well. Should I place the decryption in a separate php file (say decryption.php for example)  and get the signin.php to load the decryption.php file?

Any thoughts, or how would any one else go about it?

 

Thank You.

 

[justsomeguy]

Is there a real reason to encrypt the email address?  For the password, it is much more secure to hash instead of encrypt.  The only reason you would want to encrypt a password instead of hash it is if you want to be able to tell people what their password is, but in order to do that you sacrifice all of the security provided by hashing.  PHP has built-in functions for password_hash and password_verify you can use for that.