|
|
Posted by "Javier" on 07/07/05 12:50
On 05/07/2005 at 14:04 sylikc wrote:
>
>
>For MD5 passwords though, it's a little different and not documented
>as thoroughly...
>
>1) First check your constant CRYPT_MD5... if you don't have it in your
>PHP, this won't work...
>if (CRYPT_MD5 == 1) { echo 'PHP supports MD5-crypt'; }
>
>2) Assuming it works out, do steps #2,#3,#4 above, so you now have
>your $username, $password, $crypthash
>(for ex: $crypthash='$apr1$jZ1.....$1Md.1a88zkKIPCY0b42Cw/')
>
>3) Extract crypt salt from the $crypthash ....
>$cryptsalt = '$'.substr($crypthash,4,11);
>
>4) Verify the password:
>if (crypt($password, $cryptsalt) == $crypthash) { echo 'GOOD!'; }
>
>In step #4 you'll have to see the output from your crypt() function
>that supports MD5. I don't have my built with it just yet and can't
>verify this, but use the steps as a guide to building your
>implementation.
>
>Post some code if you're still having trouble,
Hi
Thanks for your help.
I checked my PHP support CRYPT_MD5, then I did the following:
I've generated a user javier with password javier in my htpasswd file and
got this:
Automatically using MD5 format.
javier:$apr1$nO/.....$x0j4FfqCIQqgtqPckVUkO1
Then I did the following code:
---------------------
<?php
print "password: ".$password = "javier"."\n";
$crypthash = '$apr1$nO/.....$x0j4FfqCIQqgtqPckVUkO1';
$cryptsalt = '$'.substr($crypthash,4,11);
print "cryptsalt: ".$cryptsalt."\n";
print "crypthash: ".$crypthash."\n";
print "crypted by me: ".'$apr'.crypt($password, $cryptsalt)."\n";
?>
----------------------
And the output was:
password: javier
cryptsalt: $1$nO/.....$
crypthash: $apr1$nO/.....$x0j4FfqCIQqgtqPckVUkO1
crypted by me: $apr$1$nO/.....$0cKBXpoO.Q/jpA6sUUafq0
Something didnt worked because as you can see I couldnt generate the same
crypted hash for my password as apache htpasswd did.
Any idea ?
Thanks in advance
J
Navigation:
[Reply to this message]
|