Security in PHP
In this article I am going to explain about PHP security.
Introduction
In PHP we can use the "crypt()" function to create a one-way encryption. Often in an application a password is confidential for the user. When the user chooses their password, the password is then encrypted, and the encrypted version of the password is saved. Whenever the user logins the next time, the application provides the login facilities; if their password matches the encrypted version of the saved password then the login is successful.
Syntax
The syntax of the crypt function is:
crypt (inputString, Salt) |
Parameters
The parameters for the crypt function are:
Parameter |
Description |
inputString |
It specifies which string, you would like to encrypt (Example- Password). |
Salt |
The optional parameter Salt specifies , how encryption will work. Salt will work four types:
- CRYPT_STD_DES - Standard DES-based encryption with a two character salt.
- CRYPT_EXT_DES - Extended DES-based encryption with a nine character salt.
- CRYPT_MD5 - MD5 encryption with a twelve character salt starting with $1$.
- CRYPT_BLOWFISH - Blowfish encryption with a sixteen character salt starting with $2$ or $2a$.
|
Example
<?php
$encryptpassword = crypt('NewPassword');
print $encryptpassword . "is the <b>encrypted version</b> of mypassword.";
echo "</br>";
$encryptpassword = crypt('NewPassword' , 'rtw34');
print $encryptpassword . " is the <b>CRYPT_STD_DES version</b> of mypassword"."</br>";
$password = crypt('NewPassword' , 'k7uritrd.y1g');
print $encryptpassword . " is the <b>CRYPT_EXT_DES version</b> of mypassword."."</br>";
$encryptpassword = crypt('NewPassword' , '$1$d5rttuhy6d$');
print $encryptpassword . " is the <b>CRYPT_MD5 version</b> of mypassword."."</br>";
$encryptpassword = crypt('NewPassword' , '$2a$07$khgfslerd...........$');
print $encryptpassword . " is the <b>CRYPT_BLOWFISH version</b> of mypassword.";
?>
Output