PHP Data encryption. Data encryption has become more and more important in our lives, especially considering the large amount of data that has been traded and transmitted over the Internet. It is assumed that data encryption is becoming more and more important to adopt security measures, especially considering the large volume of transactions and transmitted data on the Internet. If you are interested in using security measures, you will also be interested in learning a series of security functions provided by PHP. In this article, we will introduce these features and provide some basic usage so that you can add security features to your application software.
Prerequisites
Before introducing the security features of PHP, we need to spend some time introducing the basic cryptography knowledge to those who have never been familiar with this aspect, if you are familiar with the basic concepts of cryptography, you can skip this part.
Cryptography can be widely described as the research and experiment on encryption/decryption. encryption is a process of converting easy-to-understand data into easy-to-understand data, decryption is the process of converting obscure data into original understandable data. An obscure document is called a password, and an easy-to-understand document is called a plaintext.
Data encryption/decryption requires certain algorithms. these algorithms can be very simple, such as the famous Caesar code. However, the current encryption algorithm is much more complex, some of these methods cannot be decrypted even by using the existing methods.
PHP encryption
Anyone who has experience using a non-Windows platform may be familiar with crypt (). This function is called one-way encryption and can encrypt some plain codes, however, the password cannot be converted to the original plaintext. Although on the surface this seems useless, it is indeed widely used to ensure the integrity of the system password. Because, once a one-way encryption password falls into the hands of a third party, it is useless because it cannot be restored to plain text. When verifying the user's entered password, the user's input is also a one-way algorithm. if the input matches the stored encrypted password, the entered message must be correct.
PHP also provides the possibility of using its crypt () function to implement one-way encryption. Here I will briefly introduce this function:
String crypt (string input_string [, string salt])
The input_string parameter is the string to be encrypted, and the second available salt is a single-digit string. it can affect the encrypted password and further eliminate the possibility of a pre-computing attack. By default, PHP uses a two-character DES interference string. if your system uses MD5 (I will introduce the MD5 algorithm later ), it uses a 12-character interference string. By the way, you can run the following command to find the length of the interference string to be used by the system:
Print "My system salt size is:". CRYPT_SALT_LENGTH;
The system may also support other encryption algorithms. Crypt () supports the following algorithms and the length of the corresponding salt parameter:
Algorithm Salt length
CRYPT_STD_DES 2-character (Default)
CRYPT_EXT_DES 9-character
CRYPT_MD5 12-character beginning with $
CRYPT_BLOWFISH 16-character beginning with $
Use crypt () for user authentication
As an example of the crypt () function, you want to create a PHP script to restrict access to a directory, only users with the correct username and password are allowed to access this directory. I will store materials in a table in my favorite MySQL database. The following is an example of creating a table called members:
Mysql> create table members (
-> Username CHAR (14) not null,
-> Password CHAR (32) not null,
-> Primary key (username)
-> );
Then, we assume that the following data has been stored in the table:
Username and password
Clark keloD1C377lKE
Bruce ba1T7vnz9AWgk
Peter paLUvRWsRLZ4U
The encrypted passwords correspond to kent, banner, and parker. Pay attention to the first two letters of each password. this is because I used the following code to create interference strings based on the first two letters of the password:
$ EnteredPassword.
$ Salt = substr ($ enteredPassword, 0, 2 );
$ UserPswd = crypt ($ enteredPassword, $ salt );
// $ UserPswd is stored in MySQL together with the user name
I will use Apache password-response authentication configuration to prompt the user to enter the user name and password. a little-known information about PHP is, it recognizes the username and password entered by the Apache password-response system as $ PHP_AUTH_USER and $ PHP_AUTH_PW. I will use these two variables in the authentication script. Take some time to carefully read the following script and pay more attention to the explanation to better understand the following code:
Application of password-response verification system for crypt () and Apache
$ Host = "localhost ";
$ User = "zorro ";
$ Pswd = "hell odolly ";
$ Db = "users ";
// Set authorization to False
$ Authorization = 0;
// Verify that user has entered username and password
If (isset ($ PHP_AUTH_USER) & isset ($ PHP_AUTH_PW )):
Mysql_pconnect ($ host, $ user, $ pswd) or die ("Can't connect to MySQL
Server! ");
Large volumes of data are traded and transmitted by the producer. If you are interested in using security measures...
