PHP crypt()在5.6.4版本中返回* 0失败字符串,但不是5.4,
作者:互联网
echo crypt(‘test’,“$2a $07 $”);在PHP版本5.4.16中生成一个长哈希,但它在5.6.4中生成“失败字符串”* 0.
读取crypt()上的PHP文档,我仍然不太清楚为什么,尽管Changelog提到* 1被返回而不是* 0,具体取决于具体情况. (http://php.net/manual/en/function.crypt.php)
在这种情况下返回* 0的原因是什么? PHP过去5.4是否已经停止了$2a $07 $形式的坏盐?
解决方法:
Blowfish定义说你必须在第三个$之后定义一个字符串.
<?php
echo crypt('test', "$2a$07$mystring");
?>
Blowfish hashing with a salt as follows: “$2a$”, “$2x$” or “$2y$”, a two digit cost parameter, “$”, and 22 characters from the alphabet “./0-9A-Za-z”
如果不定义该字符串,则会收到错误* 0.
5.6.5 When the failure string “*0” is given as the salt, “*1” will now be returned for consistency with other crypt implementations. Prior to this version, PHP 5.6 would incorrectly return a DES hash.
标签:php,php-5-4,php-5-6,crypt 来源: https://codeday.me/bug/20190612/1223605.html