I have a neat class you can play with...
--
The trouble with programmers is that you can never tell what a programmer is
doing until it’s too late. ~Seymour Cray
On Wed, Aug 3, 2011 at 2:27 PM, Alex Nikitin <niksoft@xxxxxxxxx> wrote:
> Yes, since it's trying to represent in characters some purely binary data,
> it is not unlikely that you will get VERY weird characters (and you do).
>
> Also you shouldn't actually encrypt passwords, the proper way to store them
> is hashed, so that if someone grabs your database, they dont have your
> passwords, even if they have the "key".
>
> Best way to check is to decrypt it and verify...
>
> --
> The trouble with programmers is that you can never tell what a programmer
> is doing until it’s too late. ~Seymour Cray
>
>
>
>
> On Wed, Aug 3, 2011 at 12:40 PM, Andre Polykanine <andre@xxxxxxxx> wrote:
>
>> Hello Php,
>>
>> It's my first time I use mcrypt.
>> I've done everything like it's written in the php manuals, here is the
>> code:
>>
>> <?php
>> $d=mcrypt_module_open("rijndael-256", "", "ofb", "");
>> $iv=mcrypt_create_iv(mcrypt_enc_get_iv_size($d), MCRYPT_DEV_RANDOM);
>> $ks=mcrypt_enc_get_key_size($d);
>> $key=substr(md5("Secret key"), 0, $ks);
>> mcrypt_generic_init($d, $key, $iv);
>> $cpass=mcrypt_generic($d, $_POST['opass']);
>> mcrypt_generic_deinit($d);
>> mcrypt_module_close($d);
>> ?>
>>
>> And here's what I get:
>> Original password: asdfasdfasdf
>> Encrypted password: Q� j�����*
>>
>> Question: Is it normal to have such strange characters in the encrypted
>> string?
>> I'm hosted at http://godaddy.com/, shared hosting, if it does matter.
>> Thanks!
>>
>> --
>> With best regards from Ukraine,
>> Andre
>> Skype: Francophile
>> Twitter: http://twitter.com/m_elensule
>> Facebook: http://facebook.com/menelion
>>
>>
>> --
>> PHP General Mailing List (http://www.php.net/)
>> To unsubscribe, visit: http://www.php.net/unsub.php
>>
>>
>
