[PHP] crypt problem
Hi, I have a weird problem with the crypt function. If I do: ?php echo(CRYPT_SALT_LENGTH); echo(CRYPT_MD5); echo crypt(, 'aa'); echo crypt(, '$1$kTzSYf0n$'); ? It print: 12 1 aat2dQ.feSqBI $1qjC9EADQ1x6 It seem that the second password is not encrypted in MD5 but with DES. It should be in MD5 if I read the doc correctly. My PHP version is 4.3.1 and compiled on a RedHat 7.3 with the 2.4.18-27 kernel, apache 1.3.27 and the configure string: './configure' '--with-mysql' '--with-apache=../apache' '--with-gettext' '--with-xml' '--with-dom' '--with-imap=../imap' '--enable-mime-magic' '--with-iconv' '--enable-mbstring' '--with-zlib' '--enable-calendar' '--with-imap-ssl' '--with-mcrypt' Is it something I do wrong or something wrong in my system? Thank you. -- Serge Grondin Technicien en Informatique Commission Scolaire des Bois-Francs Tel. bur.: (819) 758-6453, poste 2920 e-Mail bur.: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] crypt problem
Hi, I have a weird problem with the crypt function. If I do: ?php echo(CRYPT_SALT_LENGTH); echo(CRYPT_MD5); echo crypt(, 'aa'); echo crypt(, '$1$kTzSYf0n$'); It print: 12 1 aat2dQ.feSqBI $1qjC9EADQ1x6 It seem that the second password is not encrypted in MD5 but with DES. It should be in MD5 if the doc is correct. My PHP version is 4.3.1 and compiled on a RedHat 7.3 with the 2.4.18-27 kernel, apache 1.3.27 and the configure string: './configure' '--with-mysql' '--with-apache=../apache' '--with-gettext' '--with-xml' '--with-dom' '--with-imap=../imap' '--enable-mime-magic' '--with-iconv' '--enable-mbstring' '--with-zlib' '--enable-calendar' '--with-imap-ssl' '--with-mcrypt' Is it something I do wrong or something wrong in my system? Thank you. -- Serge Grondin Technicien en Informatique Commission Scolaire des Bois-Francs Tel. bur.: (819) 758-6453, poste 2920 e-Mail bur.: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Crypt problem
On Friday 23 March 2001 00:04, you wrote: you dont... as far as i know, crypt only works on = 8 chars it will truncate anything over 8. That's "traditional" Unix crypt. PHP's crypt() may also understand other crypt algorithms that can handle longer passwords. Check the manual. the problem I am having is that it is only comparing the first 8 characters of the password -- Christian Reiniger LGDC Webmaster (http://sunsite.dk/lgdc/) "Never doubt that a small group of thoughtful, committed people can change the world... Indeed, it's the only thing that ever has." - Margaret Mead -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP] Crypt problem
hello
I use crypt to crypt member's passwords and use the following verify
"$stored_password" is the encrypted, stored password.
"$password" is the plain text password you just got from the form.
## Check the passwords
$encrypted_password = crypt($password,$stored_password);
if ($encrypted_password = $stored_password) { $logged_in = 1; };
the problem I am having is that it is only comparing the first 8 characters
of the password
so if my password was randyrandy
i could get in with randyran
How do I fix this
the crypt password is stored in the database with enough room to store the
password so it isn't cutting it off when inserting to the database.
thanks
randy
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] Crypt problem
you dont... as far as i know,
crypt only works on = 8 chars
it will truncate anything over 8.
perhaps try using md5 or mcrypt...
-Original Message-
From: Randy Johnson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, March 22, 2001 4:33 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Crypt problem
hello
I use crypt to crypt member's passwords and use the following verify
"$stored_password" is the encrypted, stored password.
"$password" is the plain text password you just got from the form.
## Check the passwords
$encrypted_password = crypt($password,$stored_password);
if ($encrypted_password = $stored_password) { $logged_in = 1; };
the problem I am having is that it is only comparing the first 8 characters
of the password
so if my password was randyrandy
i could get in with randyran
How do I fix this
the crypt password is stored in the database with enough room to store the
password so it isn't cutting it off when inserting to the database.
thanks
randy
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
