Hello, I am trying to authenticate a password using the crypt()
function. Here's what I got:
if (crypt($_SERVER['PHP_AUTH_PW'],$data[1]) == $data[1])
{
...
}
$data[1] being the salt..
It half-way works... If the users password is 'blah' it will
authenticate fine, but if you append anything to the end of the password
string, it will still allow authentication (ie 'blah12345' will still
work, even though the password is 'blah'). Completely random passwords
do not work, so it seems to be doing SOME checking. Any help would be
very appreciated.
Thanks
-Adam
