Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
This is actually two questions:
1) My understanding is you determine what type of encryption crypt() uses by how many characters you use in the salt. For instance:
crypt('mypassword', someStringThatIs33CharsLong); // This would be blowfish?
2) Once I get this data, how do I verify it against user input at a future date? The following doesn’t appear to work:
if (crypt($user_input, $encryptedinfo) == $encryptedinfo) {
echo "Password verified!";
}
What am I missing here?
When you are using crypt the Salt (someStringThatIs33CharsLong) needs to be the same in order for you to encrypt something else and have the value the same. I have used this for username/password logins where the password is called with
When you re encrypt you will need to use the same salt to make sure it is the same. This can be done by storing in the database or statically.
So your check would turn into