Hello Ryan,
On 03-03, Ryan A wrote:
> test:dGRkPurkuWmW2 (test:test)
> test1:dGlAW3zdxeAG2 (test1:test1)
$php -r "print crypt('test',base64_encode('test'));";
-> dGRkPurkuWmW2
$php -r "print crypt('test1',base64_encode('test1'));";
-> dGlAW3zdxeAG2
So compare the password string with the output of crypt with
the password as its key and salt argument.
(References: http://www.htaccesstools.com/forum/index.php/t/25/ ,
crypt(3) man page)
Remark: Asking users to send their login password via an
unencrypted webpage only should be done within secure networks.
(Anyone can sniff HTTP, use HTTPS otherwise.)
HTH,
--
Holger Blasum +49-174-7313590 (cell) GnuPG 1024D/ACDFC3B769DC1ED66B47
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
