In the development of PHP applications, if you do not want to develop new encryption algorithms, you can also use the crypt () PHP function to complete the one-way encryption function.
Understanding Crypt ()
As long as you have a bit of experience with a non-Windows platform may be familiar to crypt (), this function is called one-way encryption function, it can encrypt some of the code, but can not reverse the password back to the original plaintext. The crypt () function is defined as follows.
String crypt (String input_string [, string salt])
Where the input_string parameter is a plaintext string that needs to be encrypted, the second optional salt is a bit string that can affect the encrypted cipher and further eliminate the possibility of being cracked. By default, PHP uses a 2-character des jamming string, and if the system is using MD5 (refer to the next section), PHP uses a 12-character jamming string. You can discover the length of the jamming string that the system will use by executing the following command.
Print "My system salt size is:". Crypt_salt_length;
Crypt () supports 4 encryption algorithms, and table 19.1 shows the algorithm supported and the length of the corresponding salt parameter.
Table crypt () supports four encryption algorithms
Algorithm Salt length
Crypt_std_des 2-character (Default)
Crypt_ext_des 9-character
Crypt_md5 12-character beginning with $1$
Crypt_blowfish 16-character beginning with $2$
On the surface, the crypt () function does not seem to be useful, but the function is indeed widely used to guarantee the integrity of the system's passwords. Because the one-way encrypted password even falls into the hands of a third party, because it can not be restored to plaintext, it is not very useful.
Implementing user authentication with crypt ()
The previous section briefly describes the functionality of the Crypt () function, which is used to implement user authentication, and is intended to achieve the same goal as described in section 19.2.3.
1 <!--check_user_crypt.php: Use Crypt () function to authenticate user---------------->
2 <?php
3 $user _name=$_post["user_name"];
4 require_once ("Sys_conf.inc"); System configuration files, including database configuration information
5
6//Connection database
7 $link _id=mysql_connect ($DBHOST, $DBUSER, $DBPWD);
8 mysql_select_db ($DBNAME); Select Database My_chat
9
10//Query for login user information
One $str = "Select Name,password from user where name = ' $user _name '";
$result =mysql_query ($str, $link _id); Execute Query
@ $rows =mysql_num_rows ($result); Number of record pens to get query results
$user _name=$_session["user_name"];
$password =$_post["Password"];