try:
<php echo(CRYPT_SALT_LENGTH); ?>
<php echo(CRYPT_MD5); ?>
or:
<php echo constant("CRYPT_SALT_LENGTH"); ?>
<php echo constant("CRYPT_MD5"); ?>
you should get output of 12 and 1 (not 2 and 0) if md5 is supported in
crypt(), i think.
you compiled php on the system it's running on? if you used a binary rpm
or something, and the system it was compiled on didn't support md5, then
it won't work.
-tcl.
On Tue, 17 Jul 2001, Jeremy Hansen wrote:
>
> Well, I'm assuming, perhaps incorrectly that the perl modules I used
> derived its md5 capabilities from the system. I did see all the comments
> on the crypt() page and basically copied each one. When passing a md5
> looking salt, crypt() doesn't seem to do anything special with it and my
> salt remains the same, first two character are taken like regular des.
>
> How would I go about testing the CRYPT_SALT_LENGTH and CRYPT_MD5
> constants.
>
> Thanks
> -jeremy
>
> On Tue, 17 Jul 2001, tc lewis wrote:
>
> >
> > not sure if you've gotten any help on this yet. perhaps test the
> > CRYPT_SALT_LENGTH and CRYPT_MD5 constants to make sure that your system
> > and compiled php support md5 via crypt(). also, what salts did you try?
> > note the comments at the bottom of
> > http://php.net/manual/en/function.crypt.php about double-quoting $1$ and
> > how it may be interpreted and how to escape the $ characters. also, i'm
> > not sure if you need a $ character at the end of the salt string like in
> > some of the examples on those comments or not. unfortunately, i don't
> > have a system with php running right now to test.
> >
> > you may also want to investigate http://php.net/manual/en/ref.mhash.php
> > depending on what kind of functionality you need. my guess is that
> > crypt() would be suitable for you if it worked properly.
> >
> > -tcl.
> >
> >
> > On Tue, 17 Jul 2001, Jeremy Hansen wrote:
> >
> > >
> > > I'd like to use php to do what I'm able to do in perl.
> > >
> > > use String::Random;
> > > use Crypt::PasswdMD5;
> > >
> > > $foo = new String::Random;
> > >
> > > $rand = $foo->randpattern("ss");
> > >
> > > print "Type in your password: ";
> > >
> > > $password = <STDIN>;
> > >
> > > $hash = unix_md5_crypt($password,$rand);
> > >
> > > $salt = substr($hash,3,2);
> > >
> > > print "SUBSTR: $salt\n";
> > > print "HASH: $hash\n";
> > > print "SALT: $rand\n";
> > >
> > > print "Type in your password: ";
> > > $password_verify = <STDIN>;
> > >
> > > $hash_verify = unix_md5_crypt($password_verify,$salt);
> > >
> > > if ($hash eq $hash_verify) {
> > > print "Good to go!\n";
> > > print "HASH BEFORE: $hash\n";
> > > print "HASH AFTER: $hash_verify\n";
> > > } else {
> > > print "You fuckered it up!\n";
> > > print "HASH BEFORE: $hash\n";
> > > print "HASH AFTER: $hash_verify\n";
> > > }
> > >
> > > srv1:~$ ./crypt.pl
> > > Type in your password: password
> > > SUBSTR: Kd
> > > HASH: $1$Kd$T9I3jUnJvGy0Ekfg2VobM0
> > > SALT: Kd
> > > Type in your password: password
> > > Good to go!
> > > HASH BEFORE: $1$Kd$T9I3jUnJvGy0Ekfg2VobM0
> > > HASH AFTER: $1$Kd$T9I3jUnJvGy0Ekfg2VobM0
> > >
> > > I've looked at crypt() in php and it claims that if you pass it a salt
> > > that resembles $1$ format, it should generate an md5 type hash, but this
> > > doesn't seem to be the case for me. The crypt only looks at the first two
> > > characters of the salt, no matter what, so my salt never changes because
> > > it just seems $1.
> > >
> > > Thanks for explaining what I'm doing wrong.
> > >
> > > -jeremy
> > >
> > > --
> > > salad.
> > >
> > >
> > > --
> > > PHP General Mailing List (http://www.php.net/)
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > To contact the list administrators, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> >
>
> --
> salad.
>
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> To contact the list administrators, e-mail: [EMAIL PROTECTED]
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
