ID: 41202 Comment by: daveyfelton at hotmail dot com Reported By: nickmc33 at hotmail dot com Status: Open Bug Type: *Encryption and hash functions Operating System: Windows Server 2003 x64 Edition PHP Version: 5.2.1 New Comment:
Why on earth has this bug been marked as bogus!? Of course it's a bug! This is going to cause us so many problems when we upgrade from PHP 4 to 5, becuase all the user passwords we have stored with one way encryption based on crypt won't work anymore! Previous Comments: ------------------------------------------------------------------------ [2007-04-26 14:56:06] nickmc33 at hotmail dot com Reopened for comment. ------------------------------------------------------------------------ [2007-04-26 14:55:28] nickmc33 at hotmail dot com Bogus? I'd imagine that this bug still exists in the latest version of PHP4 as there's no mention of a fix in subsequent updates. The bugged version of PHP that we're runnign isn't really that old (4.4.4). We're going to have to be careful when upgrading now. ------------------------------------------------------------------------ [2007-04-26 14:38:28] [EMAIL PROTECTED] PHP5.2 on windows returns the same result as on PHP5 & PHP4 on Linux. So there was a problem in PHP4 on windows which eventually got fixed. ------------------------------------------------------------------------ [2007-04-26 13:53:04] nickmc33 at hotmail dot com Test results: PHP4: x_JPQON7N9.Ls xxj31ZMTZzkVA PHP5: x_961N.JoN.jw xxj31ZMTZzkVA ------------------------------------------------------------------------ [2007-04-26 13:46:15] nickmc33 at hotmail dot com Description: ------------ I'm finding that the crypt function produces different hashes on PHP4 and PHP5 systems when the second character of the salt is an underscore. Reproduce code: --------------- <?php print crypt("password","x_")."<br />"; print crypt("password","xx"); ?> Expected result: ---------------- The hashes generated should always be the same. Actual result: -------------- Using the test code above the first hash will be different when ran using PHP 5.2.1 and PHP 4.4.4, but the second hash will always be the same. ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=41202&edit=1