Ec (2); PHP provides the possibility of using its crypt () function to implement one-way encryption. Stringcrypt (stringinput_string [, stringsalt]) where the input_string parameter is the string to be encrypted, and the second optional salt is a single-digit string, which can affect the encrypted password, further eliminate the possibility of being called a pre-computing attack. By default, PHP uses a two-character DES interference string, script ec (2); script
PHP provides the possibility of using its crypt () function to implement one-way encryption.
String crypt (string input_string [, string salt])
The input_string parameter is the string to be encrypted, and the second optional salt is
Bit String, which can affect the encrypted password and further eliminate the possibility of a pre-computing attack.
. By default, PHP uses a two-character DES interference string. If your system uses
MD5, which uses a 12-character interference string. By the way, you can execute the following
The length of the interference string to be used by the system:
Print "My system salt size is:". CRYPT_SALT_LENGTH;
The system may also support other encryption algorithms. Crypt () supports four algorithms:
Algorithm and corresponding salt Parameters
Length of the number:
Algorithm Salt Length
CRYPT_STD_DES 2-character (Default)
CRYPT_EXT_DES 9-character
CRYPT_MD5 12-character beginning with $1 $
CRYPT_BLOWFISH 16-character beginning with $2 $
Use crypt () for User Authentication
As an example of the crypt () function, you want to create a PHP
The script program restricts access to a directory and only allows users to provide the correct user name and password.
Users access this directory. I will store materials in a table in my favorite MySQL database. Below
Let's start with creating a table called members:
Mysql> create table members (
-> Username CHAR (14) not null,
-> Password CHAR (32) not null,
-> Primary key (username)
-> );
Then, we assume that the following data has been stored in the table:
Username and password
Clark keloD1C377lKE
Bruce ba1T7vnz9Awgk
Peter paLUvRWsRLZ4U
The encrypted passwords correspond to kent, banner, and parker. Note that each
The first two letters of the password, because I used the following code, according to the first two words of the password
When the parent creates an interference string:
$ EnteredPassword.
$ Salt = substr ($ enteredPassword, 0, 2 );
$ UserPswd = crypt ($ enteredPassword, $ salt );
// $ UserPswd is stored in MySQL together with the user name
I will use the Apache password-the answer authentication configuration prompts the user to enter the user name and password,
The little-known information about PHP is that it can convert Apache's password to the user input by the system.
And the password are identified as $ PHP_AUTH_USER and $ PHP_AUTH_PW, which will be used in the authentication script
To these two variables.