I have a question about the way I'm using the crypt function in a PHP/SQL gradebook I'm building. When I add a user to the users table, I also generate a encrypted version of their password using the following statement: // Crypt the password $crypt_num = crypt($student_num, $salt); // Crypt the password $crypt_pw = crypt($password, $salt); Then, when the user tries to log on later, they enter their password, and it gets encrypted in exactly the same way. The encrypted version of the PW is then compared to the encrypted version stored in a passwords table -- if they match, then the script validates the user and prints out the user's assignment scores. However, I've noticed that if anything past the 8th character in the password is irrelevant. So, if the password was "12345678910", and the user entered "12345678", the user would be able to enter. In other words, the encrypted version of "12345678910" would be the same as the encrypted version of "12345678". I think there must be something with my crypt statement -- any advice? Best, Zach -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
