Function introduction of the PHP function crypt () _ PHP Tutorial

Source: Internet
Author: User
Tags crypt
Functions of the PHP function crypt. We know that the data encryption function is available. today we will introduce one of the functions that can implement data encryption: the PHP function crypt (). As the PHP function crypt (), we know that there is a function to implement data encryption, today we will introduce one of the functions that can implement data encryption-the PHP function crypt (). As an example of the PHP function crypt (), you want to create a PHP script program to restrict access to a directory, only users with the correct username and password can access this directory.

I will store materials in a table in my favorite MySQL database. The following is an example of creating a table called members:

 
 
  1. mysql>CREATE TABLE members (
  2. ->username CHAR(14) NOT NULL,
  3. ->password CHAR(32) NOT NULL,
  4. ->PRIMARY KEY(username)
  5. ->);

Then, we assume that the following data has been stored in the table:

Username and password
Clark keloD1C377lKE
Bruce ba1T7vnz9AWgk
Peter paLUvRWsRLZ4U

In the PHP function crypt (), the encrypted passwords correspond to kent, banner, and parker. Note the first two letters of each password. this is because I used the following code to create an interference string based on the first two letters of the password:

 
 
  1. $ EnteredPassword.
  2. $ Salt = substr ($ enteredPassword, 0, 2 );
  3. $ UserPswd = crypt ($ enteredPassword, $ salt );
  4. // $ UserPswd is stored in MySQL together with the user name

I will use Apache password-response authentication configuration to prompt the user to enter the user name and password. a little-known information about PHP is, it recognizes the username and password entered by the Apache password-response system as $ PHP_AUTH_USER and $ PHP_AUTH_PW. I will use these two variables in the authentication script. Take some time to carefully read the following script and pay more attention to the explanation to better understand the following code:

PHP functions crypt () and Apache password-application of the response verification system

 
 
  1. < ?php
  2. $host = "localhost";
  3. $user = "zorro";
  4. $pswd = "hell odolly";
  5. $db = "users";
  6. // Set authorization to False
  7. $authorization = 0;
  8. // Verify that user has entered
    username and password
  9. if (isset($PHP_AUTH_USER) &&
    isset($PHP_AUTH_PW)) :
  10. mysql_pconnect($host, $user,
    $pswd) or die("Can't connect to MySQL
  11. server!");
  12. mysql_select_db($db) or die
    ("Can't select database!");
  13. // Perform the encryption
  14. $salt = substr($PHP_AUTH_PW, 0, 2);
  15. $encrypted_pswd = crypt($PHP_AUTH_PW, $salt);
  16. // Build the query
  17. $query = "SELECT username FROM members WHERE
  18. username = '$PHP_AUTH_USER' AND
  19. password = '$encrypted_pswd'";
  20. // Execute the query
  21. if (mysql_numrows(mysql_query($query)) == 1) :
  22. $authorization = 1;
  23. endif;
  24. endif;
  25. // confirm authorization
  26. if (! $authorization) :
  27. header('WWW-Authenticate:
    Basic realm="Private"');
  28. header('HTTP/1.0 401 Unauthorized');
  29. print "You are unauthorized
    to enter this area.";
  30. exit;
  31. else :
  32. print "This is the secret data!";
  33. endif;
  34. ?>

The above is a simple authentication system that verifies user access permissions. When using the PHP function crypt () to protect important confidential information, remember that the PHP function crypt () used by default is not the safest, it can only be used in systems with low security requirements. if you need high security performance, you need the algorithms I will introduce later in this article.


Merge (). As the PHP function crypt...

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.