We know that in the implementation of the data encryption function, we will introduce to you today is one of the functions that can achieve data encryption function--php function crypt (). As an example of PHP function crypt (), consider a situation where you want to create a PHP script that restricts access to a directory, allowing only users who can provide the correct user name and password to access the directory.
I'm going to store the data in a table in my favorite database, MySQL. Let's start with an example of creating this table called the members:
- MySQL > CREATE TABLE members (
- - > username CHAR () not NULL,
- - > password CHAR (+) not NULL,
- - > PRIMARY KEY (username)
- - > );
We then assume that the following data is already stored in the table:
User name password
Clark Kelod1c377lke
Bruce Ba1t7vnz9awgk
Peter Paluvrwsrlz4u
These encrypted passwords in the PHP function crypt () correspond to the plaintext of Kent, banner, and Parker respectively. Note the first two letters of each password, because I used the following code to create a disturbance string based on the first two letters of the password:
- $enteredPassword.
- $ Salt substr($enteredPassword, 0, 2);
- $ userpswd crypt($enteredPassword, $salt);
- $USERPSWD is then stored in MySQL with the user name
I will use the Apache password-answer authentication configuration prompts the user to enter a user name and password, a little-known information about PHP is that it can be Apache password-answering system input username and password to identify as $php_auth_user and $PHP_AUTH_PW, I'll use these two variables in the authentication script. Take some time to read the following script carefully, and pay more attention to the explanations in order to better understand the following code:
Application of PHP function crypt () and Apache password-response authentication system
- < ? PHP
- $ Host = "localhost" ;
- $ User = "Zorro" ;
- $ pswd = "Hell odolly" ;
- $ DB = "Users" ;
- Set Authorization to False
- $ Authorization = 0 ;
- Verify that user has entered
Username and password
- if (Isset ($PHP _auth_user) &&
Isset ($PHP _AUTH_PW)):
- Mysql_pconnect ($host, $user,
$PSWD) or Die (the "Can ' t connect to MySQL
- Server! ");
- mysql_select_db ($db) or Die
("Can ' t select database!");
- Perform the encryption
- $ Salt = substr ($PHP _auth_pw, 0, 2);
- $ encrypted_pswd = Crypt ($PHP _auth_pw, $salt);
- Build the query
- $ Query = "Select username from" WHERE
- username = ' $PHP _auth_user ' and
- Password = ' $encrypted _pswd ' ";
- Execute the query
- if (Mysql_numrows (mysql_query ($query)) = = 1):
- $ Authorization = 1 ;
- endif
- endif
- Confirm Authorization
- if (! $authorization):
- Header (' Www-authenticate:
Basic Realm="Private");
- Header (' http/1.0 401 Unauthorized ');
- Print "You are unauthorized
To enter this area. ";
- Exit
- else:
- Print "This is the secret data!";
- endif
- ?>
Above is a simple authentication system that verifies user access. When using PHP function crypt () to protect important confidential information, remember that the PHP function used in the default state crypt () is not the safest, only in the security requirements of the system, if the need for high security performance, I need to describe the algorithm later in this article.
http://www.bkjia.com/PHPjc/446265.html www.bkjia.com true http://www.bkjia.com/PHPjc/446265.html techarticle we know that in the implementation of the data encryption function, we will introduce to you today is one of the functions of the Data encryption function PHP function crypt (). As PHP function crypt () ...