Hi Stu, Just so you don't feel alone, I came across the same problem when I took over someone else's site a few years ago. On my mac the hashed passwords were completely different to the ones in the production server, so I could never login with sample users when I downloaded copies of the live db. Wasn't a biggie in my case, cause I just changed the passwords on my dev and continued working, but it was frustrating at the begining and took me a while to realise that was the problem. Anyway, I never quite found a solution to it, but as I said, just wanted to say that yes, you're not crazy, it does happen. Only in this case, the problem was caused by the crypt function.
Matias Gertel Freelance Web Development & Coding e: [email protected] m: +64 21 288 8840 p: +64 9 838 3367 On 29/07/2009, at 9:00 PM, Stu Meads wrote: Hi all, I've been doing some work with a framework and have found a problem with base_convert. For the following example code: $algorithm = 'sha1'; $password = 'password'; $salt = '4qt6qjymiw4kks0gso80ks408k08c4gss80000s'; // Encrypt the password if(function_exists('hash')) { $password = hash($algorithm, $password . $salt); } else { $password = call_user_func($algorithm, $password . $salt); } echo $password . '<br />'; $password = base_convert($password, 16, 36); echo $password . '<br />'; $password = substr($password, 0, 64); echo $password; I get the same result, except on a Debian Lenny system I'm currently setting up. The code is login code, and as it is, none of the hashed passwords will work for a few 1000 users if it's moved. The systems I have tested it on are: Windows 2003 32bit (php 5.2.10) Debian Etch 32bit x 2 (php 5.2.9 & 5.2.10) Debian Etch 64 bit (php 5.2.9) Debian Lenny 64bit (php 5.2.9 and 5.2.6) All but the Lenny system gives me: d349750fa0fa607a9def5aee3a999dea7d3714ef ooi5f74fw004k88s8kkkggccsww4wc4 ooi5f74fw004k88s8kkkggccsww4wc4 the lenny system: d349750fa0fa607a9def5aee3a999dea7d3714ef ooi5f74fw0bncwokk4occwoo0sock04 ooi5f74fw0bncwokk4occwoo0sock04 Has anybody come across anything like this before, or have any ideas? Is it a number overflow? Anybody have any solutions? Rewriting the login code is not an option, Stu --~--~---------~--~----~------------~-------~--~----~ NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected] -~----------~----~----~----~------~----~------~--~---
