RE: [PHP] crypt salt question
- From: the-fallen@xxxxxxx ("Jan Reiter")
- Date: Fri, 31 Aug 2007 00:06:34 +0200
Hi!
How did you do the comparison with the PG_SQL database?? I believe there is
a UNIX function, able to retrieve the salt from a crypt string, or one that
can do the comparison, without a slat given. But I'm not quite sure. I'm
gonna investigate that. But how did you compare passwords before, when using
a time based "random" salt? I understand you use the CRYPT_STD_DES method
....
Greets,
Jan
-----Original Message-----
From: Andras Kende [mailto:andras@xxxxxxxxx]
Sent: Thursday, August 30, 2007 11:42 PM
To: php-general@xxxxxxxxxxxxx
Subject: [PHP] crypt salt question
Hello,
I'm trying to move some app from postgresql to mysql but unable to find out
how to authenticate
against the current crypted passwords with php..
insert to database:
$cset = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789./";
$salt = substr($cset, time() & 63, 1) . substr($cset, time()/64 & 63, 1);
$password = crypt($password, $salt); //pass crypted version of password
for further processing
$result = pg_query ("INSERT INTO users (username, password) VALUES
('$username', '$password')");
I read the crypt is one way encryption but how to compare the password
entered with the encrypted
version if don't know the salt ??
Thanks,
Andras
.
- Follow-Ups:
- RE: [PHP] crypt salt question
- From: "Jan Reiter"
- RE: [PHP] crypt salt question
- References:
- crypt salt question
- From: "Andras Kende"
- crypt salt question
- Prev by Date: Re: [PHP] crypt salt question
- Next by Date: RE: [PHP] crypt salt question
- Previous by thread: RE: [PHP] crypt salt question
- Next by thread: RE: [PHP] crypt salt question
- Index(es):
Relevant Pages
|
