Hi,
> I am designing a web interface for free mail registration using
> qmail-ldap. The interface is written in PHP4 and I am having trouble
> with the MD5 hash (since I am using MD5 for the passwords) and using the
> following code
> $info["userPassword"]="{MD5}" . base64_encode("MD5".md5($password));
> I found other code using mhas instead of md5 is there a difference
> because this code does not give the correct password.
PHP's native md5 function does not work with ldap, so using the mhash library
is probably the best way to do this (also because you're able to generate SHA
and SSHA hashes as well):
$pw = "{MD5}" . base64_encode(mhash(MHASH_MD5, $password));
If you don't have access to the webserver configuration (and cannot include
mhash support), there's also a workaround (a little bit dirty, but works
fine..)
md5("password");
is the same like
bin2hex(mhash(MHASH_MD5, $password));
so you only have to hex2bin the output of md5(), and then its the same like
the result of mhash... because there's no hex2bin-function in php, you can
define following function:
function hex2bin($data) {
$len = strlen($data);
for($i=0;$i<$len;$i+=2) {
$newdata .= pack("C",hexdec(substr($data,$i,2)));
}
return $newdata;
}
then,
$pw = "{MD5}" . base64_encode(hex2bin(md5($password)));
will produce a valid output too...
Hope this helps,
Matt
--
Matthias Blaser [phone: +41 (0) 31 381 70 48, mobile: +41 (0) 79 501 36 53]
adfinis GmbH, Haslerstrasse 21, CH-3008 Bern (Switzerland)
email: [EMAIL PROTECTED] web: http://www.adfinis.com
