Have you considered using md5() instead?
On Mon, 2002-10-14 at 16:27, Adam Plocher wrote: > Hello, I am trying to authenticate a password using the crypt() > function. Here's what I got: > > if (crypt($_SERVER['PHP_AUTH_PW'],$data[1]) == $data[1]) > { > ... > } > > $data[1] being the salt.. > > It half-way works... If the users password is 'blah' it will > authenticate fine, but if you append anything to the end of the password > string, it will still allow authentication (ie 'blah12345' will still > work, even though the password is 'blah'). Completely random passwords > do not work, so it seems to be doing SOME checking. Any help would be > very appreciated. > > Thanks > -Adam -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php