-
- mysql>CREATE TABLE members (
- ->username CHAR(14) NOT NULL,
- ->password CHAR(32) NOT NULL,
- ->PRIMARY KEY(username)
- ->);
Copy Code
Then, we can enter the user’s data into the table:
Username Password
Tom keloD1C377lKE
John ba1T7vnz9AWgk
Bill paLUvRWsRLZ4U
The plain codes corresponding to these encrypted passwords are Tom, John and Bill respectively. We will create a jam string based on the first two letters of the password:
-
- <?php
- $enteredPassword.
- $salt = substr($enteredPassword, 0, 2);
- $userPswd = crypt($enteredPassword, $salt);
- // $userPswd is then combined with the username Stored together in MySQL
- crypt() and Apache's password-response verification system application
-
- $host = "localhost"; //Host
- $username = "Tom"; //Username
- $passwd = "Hello world "; //Password
- $db = "users"; //Database name
- // Set whether to pass the verification flag, the default is no
- $authorization = 0;
- // Prompt the user to enter the account and password
- if (isset($ PHP_AUTH_USER) && isset($PHP_AUTH_PW)){
- mysql_pconnect($host, $username, $passwd) or die("Cannot connect to the MySQL server!");
- mysql_select_db($db) or die("Cannot select database!" ; username = '$PHP_AUTH_USER' AND password = '$encrypted_pswd'";
- // Execute query
- if (mysql_numrows(mysql_query($query)) == 1) {
- $authorization = 1;
- }
- }
- if (! $authorization){
- header('WWW-Authenticate: Basic realm="User Authentication"');
- header('HTTP/1.0 401 Unauthorized');
- print "Unable to pass verification";
- exit;
- }else {
- print "Encrypted";
- }
- ?>
-
-
-
- Copy code
-
-
The crypt() used by default is not the most secure, so if you need higher security performance, you need something better Algorithm, such as md5(), this function uses the MD5 hash algorithm.
How to encrypt via MD5?
The function encrypted by MD5 in PHP is md5(), one of its functions is mixing.
A hash function can transform a variable-length message into a fixed-length hashed output, also known as a "message digest". This is very useful because a fixed-length string can be used Check file integrity and verify digital signatures and user identities. PHP's built-in md5() hash function will convert a variable-length message into a 128-bit (32-character) message digest. An interesting feature of mixed encoding is that the original plain code cannot be obtained by analyzing the mixed information, because the mixed result has no dependence on the original plain code content. Even changing only one character in a string will cause the MD5 hybrid algorithm to calculate two completely different results. Let’s first look at the contents of the table below and its corresponding results:
Use md5() to mix strings
<php$input = "Hello, PHP world!"; $output = md5($input); print "Output: $output ";- ?>
-
-
-
- Copy code
-
-
Results:
Output: 7996b5e0804042fd531907a4900f190e
Note that the result is 32 characters long. Let’s change the value of $input slightly:
Use md5() to shuffle a slightly changed string
<?php$input = "Hello,PHP World!"; $output = md5($input); print "Output: $output ";- ?>
-
-
- Copy code
-
-
Results:
hash2: f0456d48ed06a5c35b1e42561fa7a016
It can be found that although the length of both results is 32 characters, a small change in the plaintext causes a big change in the result. We can use this feature to check small changes in the data.
|