Zach Starnes
Zach Starnes

Reputation: 3198

Implement crypt() in php

I am trying to encrypt the given password to match one that is in a database. However using crypt() gives me a different result each time so it never matches. How can i make this work.

here is the statement that hashes the password given by the user.

if (empty($_POST) === false) {
        $username = $_POST['username'];
        $password = crypt($_POST['password']);

prior to this i manually made a user that had the crypt('password') but if I enter 'password' into the field it doesn not match.

Upvotes: 0

Views: 177

Answers (3)

Rikesh
Rikesh

Reputation: 26451

Try like this,

//$pass_entered_from_login is the user entered password
//$crypted_pass is the encrypted password from the
//database or file
if(crypt($pass_entered_from_login,$crypted_pass)) == $crypted_pass)
{
   echo("Welcome to my web site.")
}

Read more

Upvotes: 2

themightysapien
themightysapien

Reputation: 8379

crypt auto generates the salt each time you use it ............ so use the same salt for the user do this while registering the user to your database and while checking tooo.

if (empty($_POST) === false) {
    $username = $_POST['username'];
    $password = crypt($_POST['password'],$_POST['username']);
 }

NOTE: the 2nd parameter is the salt in crypt function .

hope it helps :)

Upvotes: -2

xdazz
xdazz

Reputation: 160933

Try below:

if (isset($_POST['username']) && isset($_POST['password'])) {
  $username = $_POST['username'];
  $password = $_POST['password'];

  // get the hashed password from database
  $hashed_password = get_from_db($username);

  if (crypt($password, $hashed_password) == $hashed_password) {
    echo "Password verified!";
  }
}

Upvotes: 4

Related Questions