Join Up! 104882 members and counting!

Login To PHPBuilder User Name: Password: Register A New Site Account * NOTE: This is for logging into the main site only! To login to the forums, click here

Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Hiermenus DatabaseJournal Technology Jobs Covalent Extends Apache 2.0 to Microsoft ASP.NET ShopWorX - Support for Windows PHP Security Advisory: Vulnerability in PHP versions 4.2.0 and 4.2.1 Network Risk Assessment Full-Featured, Java-Based Apache GUI Creating a PHP-Based Content Management System Dynamic XML with PHP Creating an Online Survey - Part 1 Remote Scripting with Javascript, IFrames and PHP Using the Factory Pattern in PHP Applications

php3-list | 200003

From: Brad Bonkoski (bbc1049 <email protected>)
Date: 03/20/00

• Next message: --== Gajcy ==--: "[PHP3] PHP: FORM"
• Previous message: php-user <email protected>: "RE: [PHP3] file upload"
• In reply to: Rene Ruppert: "[PHP3] MD5 encryption problem"
• Next in thread: Nathan Benson: "Re: [PHP3] MD5 encryption problem"
• Reply: Nathan Benson: "Re: [PHP3] MD5 encryption problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

the question I ask is Why? Why encrypt with php to match against the /etc/shadow
file? Remember, PHP is server side which means that the password still floats on
the wire as plain text! I would suggest using SSL. As for the salt. Unix crypt
takes a random 2 charater "salt" and uses that to encrypt the password.
Because...if you use md5 to encrypt identitcal password they would look identical
encrypted too, but not with crypt. If you really want some client side crypt
stuff I can send you some code samples and such, but it is a horrible process and
I would say use SSL!
-Brad

Rene Ruppert wrote:

> Hi!
>
> I would like to encrypt a password the user types in and compare it to the
> password in /etc/shadow.
> But what must I do to make crypt() encrypt the password the same way as it
> was done in /etc/shadow?
> What ist the correct salt-parameter?
>
> Thanks.
>
> -----------------------------
> Rene Ruppert
> rene.ruppert <email protected>
> -----------------------------
>
> --
> PHP 3 Mailing List <http://www.php.net/>
> To unsubscribe, send an empty message to php3-unsubscribe <email protected>
> To subscribe to the digest, e-mail: php3-digest-subscribe <email protected>
> To search the mailing list archive, go to: http://www.php.net/mailsearch.php3
> To contact the list administrators, e-mail: php-list-admin <email protected>

-- 
PHP 3 Mailing List <http://www.php.net/>
To unsubscribe, send an empty message to php3-unsubscribe <email protected>
To subscribe to the digest, e-mail: php3-digest-subscribe <email protected>
To search the mailing list archive, go to: http://www.php.net/mailsearch.php3
To contact the list administrators, e-mail: php-list-admin <email protected>

• Next message: --== Gajcy ==--: "[PHP3] PHP: FORM"
• Previous message: php-user <email protected>: "RE: [PHP3] file upload"
• In reply to: Rene Ruppert: "[PHP3] MD5 encryption problem"
• Next in thread: Nathan Benson: "Re: [PHP3] MD5 encryption problem"
• Reply: Nathan Benson: "Re: [PHP3] MD5 encryption problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Columns / Articles | Tips / Quickies | News | News Linking and RSS Feeds | Shared Code Library Mail Archives | Support / Discussion Forums | Get Started! Links | Contribute! | Docs