php - Crypt generating *0 -

-

crypt is, sometimes, generating string *0 instead of real hash.

const salt_byte_size = 24; const hash_payload = 13; public static function createhash($password, $cost = self::hash_payload) {      $salt = '$2a$' . $cost . '$' . base64_encode(mcrypt_create_iv(self::salt_byte_size, mcrypt_dev_urandom));       $password = crypt($password, $salt);     return $password; }

i found line base64_encode(mcrypt_create_iv(self::salt_byte_size, mcrypt_dev_urandom)); somewhere around stackoverflow, stating way generate random salt. been few weeks couldn't find answer again. wonder if random salt maybe causing crypt generate string *0.

the given password alphanumeric string, 8 chars long.

crypt returns *0 if given invalid salt - , that's case here. quoting the doc:

blowfish hashing salt follows: "$2a$", "$2x$" or "$2y$", 2 digit cost parameter, "$", , 22 characters alphabet "./0-9a-za-z"

most probably, you've assumed base64_encode() returns strings of same set of characters. it's not - there's + sign (the full alphabet [a-za-z0-9+/]).

an obvious workaround replacing + .:

$salt = '$2a$' . $cost . '$' .    str_replace('+', '.',      base64_encode(mcrypt_create_iv(self::salt_byte_size, mcrypt_dev_urandom)));

Comments

Post a Comment

Popular posts from this blog

java - Oracle EBS .ClassNotFoundException: oracle.apps.fnd.formsClient.FormsLauncher.class ERROR -

-
i need in configuring java on machine because, when try loading forms, loader goes in circles , gives error: java.lang.classnotfoundexception: oracle.apps.fnd.formsclient.formslauncher.class @ sun.plugin2.applet.applet2classloader.findclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass0(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadclass(unknown source) @ java.lang.classloader.loadclass(unknown source) @ sun.plugin2.applet.plugin2classloader.loadcode(unknown source) @ sun.plugin2.applet.plugin2manager.createapplet(unknown source) @ sun.plugin2.applet.plugin2manager$appletexecutionrunnable.run (unknown source) @ java.lang.thread.run(unknown source) i have tried re-installing firefox, older versions of java runtime environments, disabling proxy. what missing? application working on other machines. i spent around 100 hours finding s...
Read more

c# - how to use buttonedit in devexpress gridcontrol -

-
Image
i trying create gridcontrol buttonedit in 1 of columns. when user clicks button edit, popups form select product. when selection done on popup, returns datarow selection main grid below. but when column loses focus, value wrote column disappear. here code creates gridcontrol's data , buttonedit's click event. private void frmsiparisnew_load(object sender, eventargs e) { dt = new datatable(); dt.columns.add("malzeme_kodu",typeof(string)); dt.columns.add("malzeme_aciklama", typeof(string)); dt.columns.add("adet", typeof(decimal)); dt.columns.add("birim", typeof(string)); dt.columns.add("fiyat", typeof(decimal)); dt.columns.add("kur", typeof(string)); dt.columns.add("tutar", typeof(decimal)); datarow dr = dt.newrow(); dt.rows.add(dr); gc.datasource = dt; } private void repositoryitembuttoneditmal...
Read more

how to display 2 form fields on same line with bootstrap -

-
i creating form in bootstrap should responsive. see below code. <form novalidate="novalidate" class="form-inline"> <div class="form-group"> <label class="col-sm-4 control-label" for="inputfirstname">first name:</label> <div class="col-sm-4"> <input class="form-control" type="text" id="inputfirstname" ng-model="patient.firstname"/> </div> </div> <div class="form-group"> <label class="col-sm-4 control-label" for="inputlastname">last name:</label> <div class="col-sm-4"> <input class="form-control" type="text" id="inputlastname" ng-model="patient.lastname"/> </div> </div> ...
Read more