Functions of the PHP function crypt. We know that the data encryption function is available. today we will introduce one of the functions that can implement data encryption: the PHP function crypt (). As the PHP function crypt (), we know that there is a function to implement data encryption, today we will introduce one of the functions that can implement data encryption-the PHP function crypt (). As an example of the PHP function crypt (), you want to create a PHP script program to restrict access to a directory, only users with the correct username and password can access this directory.
I will store materials in a table in my favorite MySQL database. The following is an example of creating a table called members:
- mysql>CREATE TABLE members (
- ->username CHAR(14) NOT NULL,
- ->password CHAR(32) NOT NULL,
- ->PRIMARY KEY(username)
- ->);
Then, we assume that the following data has been stored in the table:
Username and password
Clark keloD1C377lKE
Bruce ba1T7vnz9AWgk
Peter paLUvRWsRLZ4U
In the PHP function crypt (), the encrypted passwords correspond to kent, banner, and parker. Note the first two letters of each password. this is because I used the following code to create an interference string based on the first two letters of the password:
- $ EnteredPassword.
- $ Salt = substr ($ enteredPassword, 0, 2 );
- $ UserPswd = crypt ($ enteredPassword, $ salt );
- // $ UserPswd is stored in MySQL together with the user name
I will use Apache password-response authentication configuration to prompt the user to enter the user name and password. a little-known information about PHP is, it recognizes the username and password entered by the Apache password-response system as $ PHP_AUTH_USER and $ PHP_AUTH_PW. I will use these two variables in the authentication script. Take some time to carefully read the following script and pay more attention to the explanation to better understand the following code:
PHP functions crypt () and Apache password-application of the response verification system
- < ?php
- $host = "localhost";
- $user = "zorro";
- $pswd = "hell odolly";
- $db = "users";
- // Set authorization to False
- $authorization = 0;
- // Verify that user has entered
username and password
- if (isset($PHP_AUTH_USER) &&
isset($PHP_AUTH_PW)) :
- mysql_pconnect($host, $user,
$pswd) or die("Can't connect to MySQL
- server!");
- mysql_select_db($db) or die
("Can't select database!");
- // Perform the encryption
- $salt = substr($PHP_AUTH_PW, 0, 2);
- $encrypted_pswd = crypt($PHP_AUTH_PW, $salt);
- // Build the query
- $query = "SELECT username FROM members WHERE
- username = '$PHP_AUTH_USER' AND
- password = '$encrypted_pswd'";
- // Execute the query
- if (mysql_numrows(mysql_query($query)) == 1) :
- $authorization = 1;
- endif;
- endif;
- // confirm authorization
- if (! $authorization) :
- header('WWW-Authenticate:
Basic realm="Private"');
- header('HTTP/1.0 401 Unauthorized');
- print "You are unauthorized
to enter this area.";
- exit;
- else :
- print "This is the secret data!";
- endif;
- ?>
The above is a simple authentication system that verifies user access permissions. When using the PHP function crypt () to protect important confidential information, remember that the PHP function crypt () used by default is not the safest, it can only be used in systems with low security requirements. if you need high security performance, you need the algorithms I will introduce later in this article.
Merge (). As the PHP function crypt...