I don't know why the warning is being generated or how to resolve it. I know that generating a single $iv is a shortcut compared to how it's supposed to be done (each crypt gets it's own $iv, which is stored alongside with it.) but I can't see how it could "know" that you took that shortcut. :/

Maybe a good read of this page and it's comments [php.net] could help solve it?

Sorry, I really wish I could provide an answer for you.

So I can't use this shortcut? I generated a $iv and now I call it on the decryption page. It is not random each time.

Lol this is very frustrating as it almost works and yet there is this crucial step.

I think I could possibly generate the $iv in relation to the $email size and store it with the email in subscribers.txt separated by pipe. Then I can say foreach subscriber get their iv and email and match them up and then decrypt with the key.

What do you think?

Sorry it took so long, been working. :)

I think I could possibly generate the $iv in relation to the $email size and store it with the email in subscribers.txt separated by pipe. Then I can say foreach subscriber get their iv and email and match them up and then decrypt with the key.

That is how it's "supposed" to work. I'm not certain that will eliminate the error, but it would certainly be worth a try.

Why would it not stop the error? If it is the way it supposed to be done. I don't want to try and code that all out and find out that it isn't going to work.

I'm just trying to not get your hopes up, I'm pretty sure it will work. :)

It's going to be a mission of a code job. I think I will have to do a whole lot of posting on this forum before it works.

I have the data stored in .htacceess do you think it is worth encrypting?

Is there any other security measure that I could implement instead of crypt?