首先,我看到要使用CRYPT_BLOWFISH,我需要用$ 2a $开头的16个字符的盐。但php.net documentation for crypt()表示某些系统不支持CRYPT_BLOWFISH。这种情况多久?(PHP)如何在CRYPT_BLOWFISH中使用crypt()?
接下来,他们对文档的例子,我看到我用的crypt()如下:
$password = crypt('mypassword'); // let the salt be automatically generated
/* You should pass the entire results of crypt() as the salt for comparing a
password, to avoid problems when different hashing algorithms are used. (As
it says above, standard DES-based password hashing uses a 2-character salt,
but MD5-based hashing uses 12.) */
if (crypt($user_input, $password) == $password) {
echo "Password verified!";
}
?>
为了使用crypt_blowfish的,我会需要修改的唯一的事情是第一线,使它是这样的;
crypt('mypassword', '$2a$07$usesomesillystringforsalt$')
然后其余的行都很好吗?
2010-02-10
sepiroth