Simple implementation of PHP encryption technology and php encryption technology

Simple implementation of PHP encryption technology and php encryption technology

1. MD5 Encryption

Take a logon page as an example:

<?phprequire_once 'config/database.config.php';$act=$_REQUEST['act'];$username=$_POST['username'];$password=md5($_POST['password']);if ($act=='reg') {  $sql="INSERT INTO user(username,password) VALUES('{$username}','{$password}')";  $result=mysqli_query($link, $sql);    if ($result) {    echo "Success";    echo "<meta http-equiv='refresh' content='1;url=login.html'/>";  }else {    echo "Failure!";    echo "<meta http-equiv='refresh' content='1;url=reg.html'/>";  }}elseif ($act=='login') {  $sql="SELECT * FROM user WHERE username='{$username}' AND password='{$password}'";  $result=mysqli_query($link, $sql);  $validate=mysqli_fetch_array($result);  //var_dump($validate);  if ($validate) {    echo "success";    echo "<meta http-equiv='refresh' content='1;url=http://www.baidu.com'/>";  }else {    echo "failure";    echo "<meta http-equiv='refresh' content='1;url=login.html'/>";  }}

I remember that MD5 is also used for comparison, so the password is saved when there is a database.

mysql> SELECT * FROM user;+----+----------+----------------------------------+| id | username | password             |+----+----------+----------------------------------+| 1 | 123   | d41d8cd98f00b204e9800998ecf8427e || 2 | 123   | 5e12a8f9c9e959060fdcaea165393039 || 3 |     | d41d8cd98f00b204e9800998ecf8427e || 4 | root   | 202cb962ac59075b964b07152d234b70 || 5 | root   | 0c51f0ba4316a5c844397f69effe2d01 |+----+----------+----------------------------------+

Ii. Crypt Encryption Algorithm

It is alsoUnidirectional encryptionAlgorithm, the plaintext password cannot be obtained directly from the ciphertext (the same as MD5 );

Syntax:String crypt (string $ str [, string $ salt]), $ Str is the encrypted plaintext, and $ salt is the interference item, which can be understood as pretzels;

/** * Crypt */echo crypt('shit');echo "
There is basically nothing to say, just one point, crypt encryption has different encryption algorithms, the default is MD5 encryption, but if not given"Salt value", Each refresh is a different result;
Then you can specify the salt value. For details, refer to the Manual. The length of the salt value of each algorithm is different, such as the DES and MD5 values mentioned above. The result is as follows:
1223b8c30a347321299611f873b449ad$1$ed0.Ph..$fPbfhSOMLyNdtZn9krT8X/im37cLeO/JPaQth12A1V7QCns.$1$this is $Bu9FE8Y8oGnIbftjDA4ez0
DES can only take two digits, while MD5 takes eight digits;
The usage is similar. Remember to enter the salt value.
Iii. Sha1
The same is true.Unidirectional encryption, Cannot be cracked (but the online approach is similar to "pseudo-Brute Force" cracking like a database );
The difference with MD5 is that it returns a longer (40 BITs) hexadecimal number string (MD5 is 32 bits );
/** * Sha1 */echo "
Therefore, it is recommended that you do not use these passwords separately for encryption and storage.Hybrid use:
echo "
After encryption, the system performs simple encryption on its own !!
Iv. URL encoding Encryption
Encrypts the address bar information;
Bidirectional, urlencode and urldecode;
/*** URL encoding encryption */$ str = "this is a test"; $ result = urlencode ($ str); echo $ result; echo "
The result is as follows:
this+is+a+testthis is a testlogin.php%3Fusername%3Dshit%26action%3Dact%253+hape%23123%5CShit LoginArray ( [username] => username&shit [gender] => male ) Shit Login2Array ( [username] => username&shit [gender] => male ) Shit Login3Array ( [username] => username&shit [gender] => male ) 
SoThe function is: the address bar is more secure and no longer transmitted in plain text. Another function is to solve the special situation of transmission.
V. Base64 Encryption
In fact, base64 is not an encryption technology, but it only performs base64 encoding on data. It can also be seen as an encryption technology;
/*** Base64 */$ data = "I am king"; echo base64_encode ($ data); echo "
EqualEncrypt content;
Summary
Single hash encryption: Get a fixed length output, which is unidirectional;
Symmetric hash encryption: using the same key for encryption and decryption, you can calculate each other; (SIMPLE algorithm, high efficiency, low overhead, suitable for encrypting a large amount of data) DES and so on
Asymmetric encryption technology: different keys are divided into public keys and private keys.
The simple implementation of the above PHP encryption technology is all the content that I have shared with you. I hope to give you a reference and support for the customer's house.