Here is why.
$pass needs to the users typed password.
$dbpass is the salt.
This is the first 2 characters of the encrypted password. this is how crypt
knows how to encrypt it.
Under rom it looks like this:
if (strcmp (crypt (argument, ch->pcdata->pwd), ch->pcdata->pwd))
the C library automatically grabs the first 2 characters for the salt for
you.
The php version of crypt may not. You might need to do that yourself.
9T0IB5USkXV/c salt would be "9T"
So your PHP check would look more like this:
if (crypt($pass,$salt) == $dbpass) {
Do stuff!
}
Where $pass is the form entered password.
$salt is the first two characters of the form entered password (You might be
able to just pass $pass here again)
and $dbpass is the encrypted password from the pfile.
Now, I hope that helps!
