php function Crypt () Introduction _php tutorial

Source: Internet
Author: User
Tags crypt
We know that in the implementation of the data encryption function, we will introduce to you today is one of the functions that can achieve data encryption function--php function crypt (). As an example of PHP function crypt (), consider a situation where you want to create a PHP script that restricts access to a directory, allowing only users who can provide the correct user name and password to access the directory.

I'm going to store the data in a table in my favorite database, MySQL. Let's start with an example of creating this table called the members:

 
  
  
  1. MySQL > CREATE TABLE members (
  2. - > username CHAR () not NULL,
  3. - > password CHAR (+) not NULL,
  4. - > PRIMARY KEY (username)
  5. - > );

We then assume that the following data is already stored in the table:

User name password
Clark Kelod1c377lke
Bruce Ba1t7vnz9awgk
Peter Paluvrwsrlz4u

These encrypted passwords in the PHP function crypt () correspond to the plaintext of Kent, banner, and Parker respectively. Note the first two letters of each password, because I used the following code to create a disturbance string based on the first two letters of the password:

 
  
  
  1. $enteredPassword.
  2. $ Salt substr($enteredPassword, 0, 2);
  3. $ userpswd crypt($enteredPassword, $salt);
  4. $USERPSWD is then stored in MySQL with the user name

I will use the Apache password-answer authentication configuration prompts the user to enter a user name and password, a little-known information about PHP is that it can be Apache password-answering system input username and password to identify as $php_auth_user and $PHP_AUTH_PW, I'll use these two variables in the authentication script. Take some time to read the following script carefully, and pay more attention to the explanations in order to better understand the following code:

Application of PHP function crypt () and Apache password-response authentication system

 
 
  1. < ? PHP
  2. $ Host = "localhost" ;
  3. $ User = "Zorro" ;
  4. $ pswd = "Hell odolly" ;
  5. $ DB = "Users" ;
  6. Set Authorization to False
  7. $ Authorization = 0 ;
  8. Verify that user has entered
    Username and password
  9. if (Isset ($PHP _auth_user) &&
    Isset ($PHP _AUTH_PW)):
  10. Mysql_pconnect ($host, $user,
    $PSWD) or Die (the "Can ' t connect to MySQL
  11. Server! ");
  12. mysql_select_db ($db) or Die
    ("Can ' t select database!");
  13. Perform the encryption
  14. $ Salt = substr ($PHP _auth_pw, 0, 2);
  15. $ encrypted_pswd = Crypt ($PHP _auth_pw, $salt);
  16. Build the query
  17. $ Query = "Select username from" WHERE
  18. username = ' $PHP _auth_user ' and
  19. Password = ' $encrypted _pswd ' ";
  20. Execute the query
  21. if (Mysql_numrows (mysql_query ($query)) = = 1):
  22. $ Authorization = 1 ;
  23. endif
  24. endif
  25. Confirm Authorization
  26. if (! $authorization):
  27. Header (' Www-authenticate:
    Basic Realm="Private");
  28. Header (' http/1.0 401 Unauthorized ');
  29. Print "You are unauthorized
    To enter this area. ";
  30. Exit
  31. else:
  32. Print "This is the secret data!";
  33. endif
  34. ?>

Above is a simple authentication system that verifies user access. When using PHP function crypt () to protect important confidential information, remember that the PHP function used in the default state crypt () is not the safest, only in the security requirements of the system, if the need for high security performance, I need to describe the algorithm later in this article.


http://www.bkjia.com/PHPjc/446265.html www.bkjia.com true http://www.bkjia.com/PHPjc/446265.html techarticle we know that in the implementation of the data encryption function, we will introduce to you today is one of the functions of the Data encryption function PHP function crypt (). As PHP function crypt () ...

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.