I am trying to build a website based on:
1) apache_2.2.14-win32-x86-no_ssl
2) php-5.2.11-Win32
3) mysql-essential-5.1.40-winx64
4) Zend Framework (ZF) 1.12.0
I create a table in database named clients containing list of clients.
    CREATE TABLE `mydb`.`clients` (
      `client_id` INTEGER UNSIGNED NOT NULL AUTO_INCREMENT,
      `email_address` VARCHAR(100) NOT NULL,
      `password` TINYBLOB NOT NULL,
      PRIMARY KEY (`client_id`)
    ) ENGINE = InnoDB;
password field data type is TINYBLOB because this field will contain data encrypted by MCRYPT
I have a function for inserting registration data into clients table as the following:
    public function newAction()
    {
        $pass = $this->view->escape($this->_request->getPost("txtpassword"));
        $email = $this->view->escape($this->_request->getPost("txtemailaddress"));
        $td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, APPLICATION_PATH . '/../crypt/encrypt/', "ofb", APPLICATION_PATH . '/../crypt/mode/');
        $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        $ks = mcrypt_enc_get_key_size($td);
        $key = substr(hash("sha256", Zend_Registry::get('user_key')), 0, $ks);
        mcrypt_generic_init($td, $key, $iv);
        $encrypted = mcrypt_generic($td, $pass);
        $newacc = new Application_Model_NewAccount();
        $newacc->insertNewAccount($encrypted, $email); // insert encrypted password and email address into table clients
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
    }
When clients sign in to my website, they are required to fill their email address and password.
Therefore, I have another function to do that, as follows:
    public function loginAction()
    {
        $uid = $this->_request->getQuery('uid');
        $newacc = new Application_Model_NewAccount();
        $entry = $newacc->find_entry('clients', 'email_address', 'password', 'client_id', '=', $uid); // Fetch data from table clients
        $encrypted = $entry[0]['password'];
        $email_address = $entry[0]['email_address'];
        $td = mcrypt_module_open(MCRYPT_RIJNDAEL_256, APPLICATION_PATH . '/../crypt/encrypt/', "ofb", APPLICATION_PATH . '/../crypt/mode/');
        $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        $ks = mcrypt_enc_get_key_size($td);
        $key = substr(hash("sha256", Zend_Registry::get('user_key')), 0, $ks);
        mcrypt_generic_init($td, $key, $iv);
        $decrypted = mdecrypt_generic($td, $encrypted); // Failed because $decrypted is not similar to initial password
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
    }
I think the decryption process failed because:
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
    // $iv in newAction() is different from $iv in loginAction()
    // because of MCRYPT_RAND, which is the system random number generator.
    // It generates two different values in two different functions.
Please help me solve this problem.
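
One way to make the two actions agree on the IV, as an added example that is not part of the original post: generate the IV once at encryption time, store it in front of the ciphertext, and read it back before decrypting. The helper names `open_cipher()`, `derive_key()`, `encrypt_with_iv()` and `decrypt_with_iv()`, the default module directories (`''`) and the sample values are assumptions made for this illustration.

```php
<?php
// Added example. All helper names below are hypothetical, not from the post.

function open_cipher()
{
    // Same cipher and mode as the post; '' selects mcrypt's default module directories.
    return mcrypt_module_open(MCRYPT_RIJNDAEL_256, '', 'ofb', '');
}

function derive_key($td, $secret)
{
    // Same key derivation as the post: hex SHA-256 cut to the cipher's key size.
    return substr(hash('sha256', $secret), 0, mcrypt_enc_get_key_size($td));
}

function encrypt_with_iv($plain, $secret)
{
    $td = open_cipher();
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); // fresh per record
    mcrypt_generic_init($td, derive_key($td, $secret), $iv);
    $cipher = mcrypt_generic($td, $plain);
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);
    return $iv . $cipher; // the IV is not secret: store it in front of the ciphertext
}

function decrypt_with_iv($blob, $secret)
{
    $td = open_cipher();
    $ivSize = mcrypt_enc_get_iv_size($td);
    if (strlen($blob) <= $ivSize) { // truncated or empty column value
        mcrypt_module_close($td);
        return false;
    }
    // Reuse the stored IV instead of calling mcrypt_create_iv() again.
    mcrypt_generic_init($td, derive_key($td, $secret), substr($blob, 0, $ivSize));
    $plain = mdecrypt_generic($td, substr($blob, $ivSize));
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);
    return $plain;
}

// Constructed sample values, not taken from the post.
$blob = encrypt_with_iv('S3cret!pass', 'constructed-user-key');
var_dump(decrypt_with_iv($blob, 'constructed-user-key') === 'S3cret!pass');
```

With this layout the value written to the `password` column is the IV followed by the ciphertext, so the column has to be large enough to hold both.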

