ID: 49954 Updated by: paj...@php.net Reported By: rgr at woodwing dot com -Status: Assigned +Status: Feedback Bug Type: *Encryption and hash functions Operating System: win32 only - Win XP 64-bit PHP Version: 5.3.0 Assigned To: pajoye New Comment:
I can't reproduce it here. Can you try using a php 5.3 VC9 snapshot please? http://windows.php.net/snapshots/ Previous Comments: ------------------------------------------------------------------------ [2009-10-30 12:47:59] carlodeboer at me dot com We are also experiencing problems with this bug. Especially during testing and pilot studies it is quite common to have short passwords. Upgrading to PHP 5.3 is not possible with this bug since we have to support existing installations with short passwords. ------------------------------------------------------------------------ [2009-10-27 13:44:50] vdklah at hotmail dot com This problem is pretty bad; After PHP 5.2->5.3 migration, users having short passwords are no longer allowed to login (to our system) due to the crypt mismatch! And, even worse, they are not allowed to change their password due to the very same problem! ------------------------------------------------------------------------ [2009-10-22 11:51:05] rgr at woodwing dot com Description: ------------ The function Crypt() does not work with less than 4 characters in PHP 5.3.0. See the code sample below. When using 'test' as $user_input and $password it does work correct. Reproduce code: --------------- --- >From manual page: function.crypt#Examples --- $user_input = 'tes'; $password = crypt('tes'); // let the salt be automatically generated if (crypt($user_input, $password) == $password) { echo "Password verified!"; } Expected result: ---------------- The comparison should result true. Actual result: -------------- The comparison returns false. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=49954&edit=1
