PHP函数crypt()的功能介绍
我们知道在中有实现数据加密的功能,我们今天将为大家介绍的是其中一个可以实现数据加密功能的函数——PHP函数crypt()。 作为PHP函数crypt()的一个例子,考虑这样一种情况,你希望创建一段PHP脚本程序限 制对一个目录的访问,只允许能够提供正确的用户名和口令的用户访问这一目录。
我将把资料存储在我喜欢的数据库MySQL的一个表中。下面我 们以创建这个被称作members的表开始我们的例子:
<ol class="dp-xml"> <li class="alt"><span><span>mysql</span><span class="tag">></span><span>CREATE TABLE members ( </span></span></li> <li> <span>-</span><span class="tag">></span><span>username CHAR(14) NOT NULL, </span> </li> <li class="alt"> <span>-</span><span class="tag">></span><span>password CHAR(32) NOT NULL, </span> </li> <li> <span>-</span><span class="tag">></span><span>PRIMARY KEY(username) </span> </li> <li class="alt"> <span>-</span><span class="tag">></span><span>); </span> </li> </ol>
然后,我们假定下面的数据已经存储在该表中:
用户名 密码
clark keloD1C377lKE
bruce ba1T7vnz9AWgk
peter paLUvRWsRLZ4U
PHP函数crypt()中的这些加密的口令对应的明码分别是kent、banner和parker。注意一下每个口令的前二个字母, 这是因为我使用了下面的代码,根据口令的前二个字母创建干扰串的:
<ol class="dp-xml"> <li class="alt"><span><span>$enteredPassword. </span></span></li> <li> <span>$</span><span class="attribute">salt</span><span> = </span><span class="attribute-value">substr</span><span>($enteredPassword, 0, 2); </span> </li> <li class="alt"> <span>$</span><span class="attribute">userPswd</span><span> = </span><span class="attribute-value">crypt</span><span>($enteredPassword, $salt); </span> </li> <li><span>// $userPswd然后就和用户名一起存储在MySQL 中 </span></li> </ol>
我将使用Apache的口令-应答认证配置提示用户输入用户名和口令,一个鲜为人知的有关PHP的信息是,它可以把Apache 的口令-应答系统输入的用户名和口令识别为$PHP_AUTH_USER和$PHP_AUTH_PW,我将在身份验证脚本中用到这二个变量。花一些时间仔细阅读下 面的脚本,多注意一下其中的解释,以便更好地理解下面的代码:
PHP函数crypt()和Apache的口令-应答验证系统的应用
<ol class="dp-xml">
<li class="alt"><span><span class="tag"><span> ?php </span></span></span></li>
<li>
<span>$</span><span class="attribute">host</span><span> = </span><span class="attribute-value">"localhost"</span><span>; </span>
</li>
<li class="alt">
<span>$</span><span class="attribute">user</span><span> = </span><span class="attribute-value">"zorro"</span><span>; </span>
</li>
<li>
<span>$</span><span class="attribute">pswd</span><span> = </span><span class="attribute-value">"hell odolly"</span><span>; </span>
</li>
<li class="alt">
<span>$</span><span class="attribute">db</span><span> = </span><span class="attribute-value">"users"</span><span>; </span>
</li>
<li><span>// Set authorization to False </span></li>
<li class="alt">
<span>$</span><span class="attribute">authorization</span><span> = </span><span class="attribute-value">0</span><span>; </span>
</li>
<li><span>// Verify that user has entered<br> username and password </span></li>
<li class="alt"><span>if (isset($PHP_AUTH_USER) && <br>isset($PHP_AUTH_PW)) : </span></li>
<li><span>mysql_pconnect($host, $user, <br>$pswd) or die("Can't connect to MySQL </span></li>
<li class="alt"><span>server!"); </span></li>
<li><span>mysql_select_db($db) or die<br>("Can't select database!"); </span></li>
<li class="alt"><span>// Perform the encryption </span></li>
<li>
<span>$</span><span class="attribute">salt</span><span> = </span><span class="attribute-value">substr</span><span>($PHP_AUTH_PW, 0, 2); </span>
</li>
<li class="alt">
<span>$</span><span class="attribute">encrypted_pswd</span><span> = crypt($PHP_AUTH_PW, $salt); </span>
</li>
<li><span>// Build the query </span></li>
<li class="alt">
<span>$</span><span class="attribute">query</span><span> = "SELECT username FROM members WHERE </span>
</li>
<li>
<span class="attribute">username</span><span> = '$PHP_AUTH_USER' AND </span>
</li>
<li class="alt">
<span class="attribute">password</span><span> = '$encrypted_pswd'"; </span>
</li>
<li><span>// Execute the query </span></li>
<li class="alt"><span>if (mysql_numrows(mysql_query($query)) == 1) : </span></li>
<li>
<span>$</span><span class="attribute">authorization</span><span> = </span><span class="attribute-value">1</span><span>; </span>
</li>
<li class="alt"><span>endif; </span></li>
<li><span>endif; </span></li>
<li class="alt"><span>// confirm authorization </span></li>
<li><span>if (! $authorization) : </span></li>
<li class="alt">
<span>header('WWW-Authenticate: <br>Basic </span><span class="attribute">realm</span><span>=</span><span class="attribute-value">"Private"</span><span>'); </span>
</li>
<li><span>header('HTTP/1.0 401 Unauthorized'); </span></li>
<li class="alt"><span>print "You are unauthorized <br>to enter this area."; </span></li>
<li><span>exit; </span></li>
<li class="alt"><span>else : </span></li>
<li><span>print "This is the secret data!"; </span></li>
<li class="alt"><span>endif; </span></li>
<li>
<span class="tag">?></span><span> </span>
</li>
</ol>上面就是一个核实用户访问权限的简单身份验证系统。在使用PHP函数crypt()保护重要的机密资料时,记住在缺省状态下使用的PHP函数crypt()并不是最安全的,只能用在对安全性要求较低的系统中,如果需要较高的安全性能,就需要我在本篇文章的后面介绍的算法。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian
Dec 24, 2024 pm 04:42 PM
PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati
How To Set Up Visual Studio Code (VS Code) for PHP Development
Dec 20, 2024 am 11:31 AM
Visual Studio Code, also known as VS Code, is a free source code editor — or integrated development environment (IDE) — available for all major operating systems. With a large collection of extensions for many programming languages, VS Code can be c
How do you parse and process HTML/XML in PHP?
Feb 07, 2025 am 11:57 AM
This tutorial demonstrates how to efficiently process XML documents using PHP. XML (eXtensible Markup Language) is a versatile text-based markup language designed for both human readability and machine parsing. It's commonly used for data storage an
PHP Program to Count Vowels in a String
Feb 07, 2025 pm 12:12 PM
A string is a sequence of characters, including letters, numbers, and symbols. This tutorial will learn how to calculate the number of vowels in a given string in PHP using different methods. The vowels in English are a, e, i, o, u, and they can be uppercase or lowercase. What is a vowel? Vowels are alphabetic characters that represent a specific pronunciation. There are five vowels in English, including uppercase and lowercase: a, e, i, o, u Example 1 Input: String = "Tutorialspoint" Output: 6 explain The vowels in the string "Tutorialspoint" are u, o, i, a, o, i. There are 6 yuan in total
Top 10 cryptocurrency trading platforms, top ten recommended currency trading platform apps
Mar 17, 2025 pm 06:03 PM
The top ten cryptocurrency trading platforms include: 1. OKX, 2. Binance, 3. Gate.io, 4. Kraken, 5. Huobi, 6. Coinbase, 7. KuCoin, 8. Crypto.com, 9. Bitfinex, 10. Gemini. Security, liquidity, handling fees, currency selection, user interface and customer support should be considered when choosing a platform.
List of top ten exchanges in the currency circle
Feb 21, 2025 pm 10:18 PM
The top ten exchanges in the currency circle are ranked by trading volume: Binance Ouyihuobi FTXKrakenCoinbaseGeminiBitfinexBybitGate.io
Login on the official entrance of Ouyi ok exchange
Feb 21, 2025 pm 05:33 PM
Ouyi Exchange, one of the world's leading cryptocurrency trading platforms, provides users with safe and reliable digital asset trading services. Its official portal connection can directly access the platform, making asset management, transactions and investments conveniently and efficiently. By adopting advanced technology and risk control measures, Ouyi is committed to creating a safe and stable trading environment, allowing users to trade with confidence and enjoy the convenience and benefits of the digital asset world.
Get the gate.io installation package for free
Feb 21, 2025 pm 08:21 PM
Gate.io is a popular cryptocurrency exchange that users can use by downloading its installation package and installing it on their devices. The steps to obtain the installation package are as follows: Visit the official website of Gate.io, click "Download", select the corresponding operating system (Windows, Mac or Linux), and download the installation package to your computer. It is recommended to temporarily disable antivirus software or firewall during installation to ensure smooth installation. After completion, the user needs to create a Gate.io account to start using it.
