yes, i meant that i wanted "PHP to read the hash value and compare."
i have...
bob: T3dh93j02
...in the database.
"T3dh93j02" is a hashed version of "apple."
when i enter "apple" in the "login" dialogue, it is not authenticating. but, when i enter "T3dh93j02" into the "login" dialogue, it is authenticating. so... somewhere the hashed value isn't getting read?
one might say as a solution to hash the new password and compare that hash with the hash version in the database... but i can't do that because the "form" is the "login" dialogue supplied by the browser, not part of the page or a script (same one that is brought up with .htaccess). so what is the difference?
eh?
On Thursday, July 3, 2003, at 02:25 PM, Corey Edwards wrote:
1. what kind of encryption is used when i am using "htpasswd" when registering users via the command line?
It is the traditional UNIX crypt function using a modified DES.
2. can i encrypt passwords with this same encryption using PHP?
Yes. See this link[1] for a description of the function. About halfway down the page there's a user comment with just the code you need. Do a search for htpasswd.
3. can i make PHP read encrypted passwords?
I'm not sure what you mean. If you want to decrypt the passwords, then
that's not possible. They are one-way encrypted. If you just want PHP to
read the hash value and compare, then yes. Just read the file, explode
on : and compare to the user supplied password.
Corey
1. http://www.php.net/crypt
____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
____________________
BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________
List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
