PHP crypt()在5.6.4版本中返回* 0失败字符串,但不是5.4,
[英]PHP crypt() returns *0 failure string in version 5.6.4, but not 5.4,
问题描述
echo crypt('test', "$2a$07$"); produces a long hash in PHP version 5.4.16, but it produces the "failure string" *0 in 5.6.4. 
在PHP版本5.4.16中生成一个长哈希,但它在5.6.4中生成“失败字符串” *0 。
Reading the PHP docs on crypt(), I'm still not quite clear why, though the Changelog mentions the *1 being returned instead of *0 depending on the circumstance. 读取crypt()上的PHP文档,我仍然不太清楚为什么,尽管Changelog提到*1被返回而不是*0具体取决于具体情况。 ( http://php.net/manual/en/function.crypt.php ) ( http://php.net/manual/en/function.crypt.php )
What is the reasoning for *0 being returned in this case? 在这种情况下返回*0是什么? Did PHP past 5.4 stop tolerating the bad salt of the form $2a$07$ ? PHP过去5.4是否已经停止了$2a$07$形式的坏盐?
1 个解决方案
解决方案1
7 已采纳 2015-01-22 22:39:23
The Blowfish definition says that you have to define a string after the third $ . Blowfish定义说你必须在第三个$之后定义一个字符串。
<?php
echo crypt('test', "$2a$07$mystring");
?>
Blowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z"
When you don't define that string you get an error *0 . 如果不定义该字符串,则会收到错误*0 。
5.6.5 When the failure string "*0" is given as the salt, "*1" will now be returned for consistency with other crypt implementations.
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.