What data encryption is provided in PHP? PHP provides a Crypt () function to complete encryption function: String Crypt (String INPUT_STRING [, STRING SALT]) This function is called a single-way encrypted function, that is, it can encrypt Some codes, but it is not possible to convert the password into the original codes. Once one-way encrypted passwords have fallen into third-party people, because they cannot be reduced as plaintext, there is no big use. When verifying the password entered by the user, the user's input is also a one-way algorithm. If the input is matched to the stored encrypted password, the input password must be correct. This function of the input_string parameter is a string that needs to be encrypted. The second parameter SALT is a bit string that can affect the encrypted dark code and further exclude the likelihood that is called pre-counting attacks. By default, PHP uses a 2-character DES interference string, if your system uses MD5, it uses a 12-character interference string. We can find the length of the interference string to be used by executing the following command: Print "The length of the interference string used is:". Crypt_salt_length; Crypt () supports four algorithms, below is it support the length of the algorithm and the corresponding salt parameters: [Note: the following tabular] how the algorithm Salt length CRYPT_STD_DES 2-character (default) CRYPT_EXT_DES 9-character CRYPT_MD5 12-character beginning with $ 1 $ cRYPT_BLOWFISH 16-character beginning with $ 2 $ Apply PHP data encryption function to user authentication? We use CRYPT () to implement user authentication. For example, we use a PHP program to restrict access to a directory, only allow registered users to access this directory. We put the data store a table of the MySQL database (this data table name is MEMBERS): Mysql> Create Table Members ( Char (32) Not null, The codes corresponding to these encrypted passwords are Tom, John and Bill, respectively.
We will create an interference string according to the first two letters of the password: $ salt = substr ($ EnteredPassword, 0, 2); $ Userpswd = Crypt ($ EnteredPassword, $ ENTEREDPassword, $ SALT); / USERPSWD then stores with the user name in MySQL in Mysql, Crypt () and Apache's password - Answer verification system
