Introduction of several ways to implement encryption in PHP
This article mainly introduces the PHP implementation of several methods of encryption, very comprehensive and practical, are often needed in the project, the need for friends can refer to the following
There are several types of encryption in PHP:
1. MD5 Encryption
String MD5 (string $str [, bool $raw _output = false])
Parameters
STR--the original string.
Raw_output--If the optional raw_output is set to TRUE, then the MD5 Digest is returned in the original binary format of 16 bytes in length.
This is a non-reversible encryption, execute the following code
$password = ' 123456 ';
echo MD5 ($password);
Get the result is e10adc3949ba59abbe56e057f20f883e
2. Crype Encryption
String crypt (String $str [, String $salt])
Crypt () returns a hash string based on the standard UNIX DES algorithm or other available alternative algorithms on the system.
Parameters
STR-the string to be hashed.
Salt--An optional string of salt values. If not provided, the algorithm behavior will be determined by the different algorithm implementations and may lead to an unpredictable end.
This is also an irreversible encryption, which executes the following code
The code is as follows:
$password = ' 123456 ';
$salt = "Test";//Only take the first two
Echo Crypt ($password, $salt);
The result is Temgkvbpcptko.
Examples of using automatic salt values are as follows:
The code is as follows:
$password = Crypt (' MyPassword '); Automatically generate salt values
/* You should use the full result obtained by crypt () as the salt value for password checking to avoid problems caused by using different hashing algorithms. (as mentioned above, the password hash based on the standard DES algorithm uses a 2-character salt value, but a hash based on the MD5 algorithm uses 12 character salt values.) )*/
if (Crypt (' MyPassword ', $password) = = = $password) {
echo "Password verified!";
}
The result of the execution is the output Password verified!
Examples of using crypt () in different hash types are as follows:
The code is as follows:
if (crypt_std_des = = 1) {
Echo ' Standard DES: '. Crypt (' Rasmuslerdorf ', ' RL '). "\ n";
}
if (crypt_ext_des = = 1) {
Echo ' Extended DES: '. Crypt (' Rasmuslerdorf ', ' _j9. Rasm '). "\ n";
}
if (crypt_md5 = = 1) {
Echo ' MD5: '. Crypt (' Rasmuslerdorf ', ' $1$rasmusle$ '). "\ n";
}
if (crypt_blowfish = = 1) {
Echo ' Blowfish: '. Crypt (' Rasmuslerdorf ', ' $2a$07$usesomesillystringforsalt$ '). "\ n";
}
if (crypt_sha256 = = 1) {
Echo ' SHA-256: '. Crypt (' Rasmuslerdorf ', ' $5$rounds=5000$usesomesillystringforsalt$ '). "\ n";
}
if (crypt_sha512 = = 1) {
Echo ' SHA-512: '. Crypt (' Rasmuslerdorf ', ' $6$rounds=5000$usesomesillystringforsalt$ '). "\ n";
}
The results are as follows
Standard des:rl.3stkt.4t8m
Extended DES: _j9. Rasmbyk8r9aiwnc
MD5: $1$rasmusle$riscgzzpwk3uhdidwxvin0
Blowfish: $2a$07$usesomesillystringfore2udlvp1ii2e./u9c8sbjqp8i90dh6hi
SHA-256: $5$ROUNDS=5000$USESOMESILLYSTRI$KQJWPANXZHKQ2BOB43TSAYHEWSQ1LR5QNYPCDH/TP.6
SHA-512: $6$rounds=5000$usesomesillystri$ D4irlxatmp7rx3p3inaxbeoomnaihckrvqp22jz6ey47wc6bkroiuuuboov1i.s5kpgertp/en5mco.chwqw21
On systems that support multiple hashes on the crypt () function, the following constants are set to 0 or 1 depending on whether the appropriate type is available:
Crypt_std_des-a hash based on the standard DES algorithm uses the two characters in the "./0-9a-za-z" character as the salt value. Using illegal characters in salt values will cause crypt () to fail.
Crypt_ext_des-Extended DES algorithm-based hashing. A string with a salt value of 9 characters, consisting of 1 underscores followed by 4-byte cycles and 4-byte salt values. They are encoded into printable characters, each character 6 bits, and the effective bit is the least preferred. 0 to 63 are encoded as "./0-9a-za-z". Using illegal characters in salt values will cause crypt () to fail.
The CRYPT_MD5-MD5 hash uses a string salt value of 12 characters starting with $1$.
The Crypt_blowfish-blowfish algorithm uses the following salt values: "$2a$", a two-bit cost parameter, "$", and a string of 64 bits that are combined by the characters in "./0-9a-za-z". Using a character outside of this range in the Salt value causes crypt () to return an empty string. The two-bit cost parameter is the logarithm of the number of cycles with a base of 2, and its range is 04-31, and exceeding this range will cause crypt () to fail.
The crypt_sha256-sha-256 algorithm uses a 16-character string salt value that begins with $5$ to hash. If the salt value string begins with "rounds= $", the numeric value of N is used to specify the number of executions of the hash loop, much like the cost parameter of the Blowfish algorithm. The default number of cycles is 5000, the minimum is 1000, and the maximum is 999,999,999. N that exceeds this range will be converted to the nearest value.
The crypt_sha512-sha-512 algorithm uses a 16-character string salt value that begins with $6$ to hash. If the salt value string begins with "rounds= $", the numeric value of N is used to specify the number of executions of the hash loop, much like the cost parameter of the Blowfish algorithm. The default number of cycles is 5000, the minimum is 1000, and the maximum is 999,999,999. N that exceeds this range will be converted to the nearest value.
3. SHA1 Encryption
String SHA1 (String $str [, bool $raw _output = false])
Parameters
STR--Input string.
Raw_output--If the optional raw_output parameter is set to TRUE, the SHA1 Digest is returned in the original format of 20-character length, otherwise the return value is a 40-character hexadecimal number.
This is also an irreversible encryption, which executes the following code:
$password = ' 123456 ';
Echo SHA1 ($password);
The result is 7c4a8d09ca3762af61e59520943dc26494f8941b.
Although the above are non-reversible encryption, but can also be based on the way to decrypt the dictionary. The following address provides the ability to decrypt the above encryption results.
http://www.cmd5.com/
That everyone is not added even if add a secret, also useless ah, actually, as long as your encryption is complex enough, the likelihood of being cracked is smaller, for example, with the above three encryption methods of hybrid encryption, I will recommend to everyone a PHP encryption library.
4. URL encryption
String UrlEncode (String $str)
This function makes it easy to encode a string and use it for the request part of the URL, and it also facilitates the passing of a variable to the next page.
Returns a string, in addition to-_, in this string. All non-alphanumeric characters are replaced with a percent sign (%) followed by a two-digit hexadecimal number, and a space is encoded as a plus (+). This encoding is the same as the WWW form POST data, and is encoded in the same way as the application/x-www-form-urlencoded media type. For historical reasons, this encoding differs from the RFC1738 encoding in that the space is encoded as a plus sign (+).
String UrlDecode (String $str)
Decodes any%## in the encoded string given. The plus sign (' + ') is decoded into a space character.
This is a reversible encryption, the UrlEncode method is used for encryption, the UrlDecode method is used for decryption, and the following code is executed:
$url = ' http://www.xxx.com/CraryPrimitiveMan/';
$ENCODEURL = UrlEncode ($url);
Echo $encodeUrl. "\ n"//if it is displayed on the Web page, it will be modified to
echo UrlDecode ($ENCODEURL);
The results are as follows
http%3a%2f%2fwww.xxx.com%2fcraryprimitiveman%2f
http://www.xxx.com/CraryPrimitiveMan/
The method for encrypting URLs based on RFC 3986 is as follows:
The code is as follows:
function Myurlencode ($string) {
$entities = Array ('%21 ', '%2a ', '%27 ', '%28 ', '%29 ', '%3b ', '%3a ', '%40 ', '%26 ', '%3d ', '%2b ', '%24 ', '%2c ', '%2f ', '%3f ', '%25 ', '%23 ', '%5b ', '%5d ');
$replacements = Array ('! '), ' * ', "'", "(", ")", ";", ":", "@", "&", "=", "+", "$", ",", "/", "?", "%", "#", "[", "]");
Return Str_replace ($entities, $replacements, UrlEncode ($string));
}
5. BASE64 Information encoded encryption
String Base64_encode (String $data)
Use base64 to encode data.
This encoding is designed so that binary data can be transmitted through a non-pure 8-bit transport layer, such as the body of an e-mail message.
base64-encoded data takes up about 33% more space than the original data.
String Base64_decode (String $data [, bool $strict = false])
Decodes the base64 encoded data.
Parameters
Data--encoded
Strict-Returns FALSE if the input data exceeds the Base64 alphabet.
Execute the following code:
The code is as follows:
$name = ' Craryprimitiveman ';
$encodeName = Base64_encode ($name);
Echo $encodeName. "\ n";
echo Base64_decode ($encodeName);
The results are as follows
The code is as follows:
q3jhcnlqcmltaxrpdmvnyw4=
Craryprimitiveman
Recommended Phpass
The Phpass 0.3 test is a standard way of hashing the user's password before depositing it into the database. Many commonly used hashing algorithms, such as MD5, or even SHA1, are unsafe for password storage because hackers can easily hack passwords using those algorithms.
The safest way to hash a password is to use the bcrypt algorithm. The Open source Phpass library provides this functionality in an easy-to-use class.
The code is as follows:
Include Phpass Library
Require_once (' phpass-03/passwordhash.php ')
Initialize the hash to be non-portable (this is more secure)
$hasher = new PasswordHash (8, false);
Computes the hash value of the password. $hashedPassword is a string of 60 characters in length.
$hashedPassword = $hasher->hashpassword (' My super cool password ');
You can now safely save the $hashedPassword to the database!
Determine if the user entered the correct password by comparing the user input (the resulting hash value) and the hash value we calculated earlier
$hasher->checkpassword (' The wrong password ', $hashedPassword); False
$hasher->checkpassword (' My super cool password ', $hashedPassword); True
?>
The above is the article about the PHP encryption method introduced, I hope you can like.
http://www.bkjia.com/PHPjc/966920.html www.bkjia.com true http://www.bkjia.com/PHPjc/966920.html techarticle several ways to implement encryption in PHP introduction This article mainly introduces the PHP implementation of several methods of encryption, very comprehensive and practical, are often used in the project, the need for friends to reference ...