Reputation: 7656
How to make a permanent tripcode?
I mean, crypt()'s return is always different. So how do websites like 4chan do to give a permanent tripcode to a password? Are they stored in a database?
Upvotes: 1
Views: 5849
Answers (5)
Reputation: 88816
You pass the salt to crypt() as the second argument. This causes the output to use that salt instead of generating one on the fly.
The salt being randomly generated is why crypt("something") returns different results each time. If I run crypt("something", "ab"), it'll be identical every time. I don't have PHP here to check what the value is, though.
Wikipedia has an article about Tripcodes.
Upvotes: -1
Reputation: 7656
I think there's a table "tripcodes" where tripcodes were generated with the Wikipedia's and they are associated with strings they come from, no?
Upvotes: 0
Reputation: 88816
It's quite common to salt a password, then hash it using DES, MD5, SHA, or newer hashes. The salt is then stored as part of the password.
PHP's crypt works this way, although the exact algorithm it uses to hash the password may be different between versions of PHP... and even between operating systems, although the latter supposedly changed in PHP 5.3. (PHP now includes its own hashing library instead of relying on the OS library, which is really, really important if you're using Windows, as crypt function on Windows only supported DES with 2-byte salt prior to this)
Edit:
Note: crypt has an optional second argument. Passing the encrypted password as the second argument will usually get PHP to detect the salt and algorithm used to originally hash the password, namely because everything other than DES start with $#$ where # is a number.
Upvotes: 1
Reputation: 44714
4chan's tripcodes are created using a specific formula, and are a shorter version of a hash. You can achieve the same effect by using MD5 or SHA1.
Encrypt string to MD5 (PHP):
$md5 = md5("$string");
Encrypt string to SHA1 (PHP):
$sha1 = sha1("$string");
There is no way to reverse the hashing process (just like tripcodes), but with time and power they can be "bruteforced" back to plain text.
Upvotes: 2
Reputation: 1
Yes password are stored in a database but without the use of crypt(). They use sha1() or encryption database function like AES_ENCRYPT() in mysql.
Upvotes: -1
Related Questions
- how to generate unique referral code in php
- PHP make a variable have permanent value
- Google Geocode with PHP
- Create unique random codes - PHP/MySQL
- Generating set of random unique codes in php
- Google map markers in php code
- Postcode of visitor location PHP
- Google MAP Api - Storing GeoLocation
- How do I use PHP to display confirmation tracking code only once w/o using a database?
- PHP page to remember visitor's selection to forward them automatically on their next visit