PHP crypt password

1

I have two questions about encrypting passwords. I have this code:

1-

    $mainpass = "test123";

    $md5pass = md5($mainpass);
    $sha1pass = sha1($md5pass);
    $cryptpass = crypt($sha1pass, 'st');

    echo ($cryptpass);

Whose output is: 'stSuGIR46GScI'.

But I do not understand why this (below) is not equal and the output is always changing:

    $mainpass = "test123";
    $cryptpass = crypt(sha1(md5($mainpass)));

    echo ($cryptpass);

By my logic, they would be equivalent.

2- When checking and validating the password, how would I change the code below, which only uses md5, to match the encryption done above (in the correct case)?

    if (isset($_POST['username'], $_POST['password'])) {
        $username = $_POST['username'];
        $password = md5($_POST['password']);
        // ...
    }
asked by anonymous 25.03.2014 / 11:38

1 answer

2

Case 1:

In the first example, you are adding a salt ('st') when calling the crypt function. I believe the problem is there, since it is the only visible difference. Change the second example to:

    $cryptpass = crypt(sha1(md5($mainpass)), 'st');

Case 2:

Following the same logic, change the line on which the password is set:

    $password = crypt(sha1(md5($_POST['password'])), 'st');
25.03.2014 / 11:51
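
Before PHP 8.0, crypt() called without a salt generated a random one on every call, which is why the second snippet in the question never prints the same string twice; verification therefore passes the stored hash back in as the salt instead of hard-coding 'st'. The sketch below is an added example, not code from the question or the answer: it verifies the legacy scheme that way, upgrades a record to password_hash() on a successful login, and shows that a two-character salt selects traditional DES crypt, which reads only the first 8 bytes of its input. The function names and sample values are hypothetical.

```php
<?php
// Added example: function names and sample values are constructed.

// Legacy scheme from the question: crypt(sha1(md5($p)), $salt).
function legacy_hash(string $password, string $salt): string
{
    return crypt(sha1(md5($password)), $salt);
}

// Passing the stored hash as the salt makes crypt() reuse the salt embedded
// in it (its first two characters here); hash_equals() compares the two
// strings in constant time.
function legacy_verify(string $password, string $stored): bool
{
    return hash_equals($stored, legacy_hash($password, $stored));
}

// Accepts both formats. Returns [bool $ok, ?string $hashToStore]; a non-null
// second element is a replacement hash the caller should save.
function check_login(string $password, string $stored): array
{
    if (!empty(password_get_info($stored)['algo'])) {
        // Already a password_hash() record.
        $ok = password_verify($password, $stored);
        $new = ($ok && password_needs_rehash($stored, PASSWORD_DEFAULT))
            ? password_hash($password, PASSWORD_DEFAULT) : null;
        return [$ok, $new];
    }
    // Legacy record: verify the old way, then upgrade on success.
    $ok = legacy_verify($password, $stored);
    return [$ok, $ok ? password_hash($password, PASSWORD_DEFAULT) : null];
}

// Constructed demo data.
$legacy = legacy_hash('test123', 'st');
[$ok, $upgraded] = check_login('test123', $legacy);
var_dump($ok);                                  // correct password, legacy record
var_dump(check_login('wrong', $legacy)[0]);     // wrong password, legacy record
var_dump(check_login('test123', $upgraded)[0]); // correct password, upgraded record

// Traditional DES crypt ignores everything after byte 8, so only the first
// 8 hex characters of the sha1() digest take part in the legacy hash.
// These two inputs differ only after byte 8.
var_dump(crypt('abcdefgh-one', 'st') === crypt('abcdefgh-two', 'st'));
```

password_hash() picks a fresh random salt per call and stores it inside the returned string, so the value differs between calls and must always be checked with password_verify() rather than by recomputing and comparing.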