Hi,
I confess that I don't understand it well, but I've seen that passing a different salt to the function gives different (better) results.
Here's a quick test that I made, loosely based on your code...
PHP Code:
<?php
class CryptTest {
private function do_crypty_thing() {
$user = 'testtesttesttestte';
$pass = 'pass';
$salt1 = '$2y$12$'.$user.'$';
$salt2 = '!2y!12!'.$user.'!';
echo "Blowfish hash example 1 with salt ".$salt1.": " . crypt($pass, $salt1) . "\n";
echo "Blowfish hash example 2 with salt ".$salt2.": " . crypt($pass, $salt2) . "\n";
}
public function main() {
return $this->do_crypty_thing();
}
}
$ct = new CryptTest();
$ct->main();
?>
and the response from the script:
Code:
gp@mariachi:~/test$ php crypt.php
Blowfish hash example 1 with salt $2y$12$testtesttesttestte$: $2y$12$testtesttesttestte$
Blowfish hash example 2 with salt !2y!12!testtesttesttestte!: !2GUKV5zZMaQE
Can you change your salt?
Ps. I've done a little more research into the salts, and it's worth taking a look on the 3rd answer to the following question for an explanation: http://stackoverflow.com/questions/2...ication-please
it uses a base64 alphabet composed of [a-zA-Z0-9./], with $ as the null (NOT 0) terminating/padding character. If you use any characters outside of that range, or a $ too early, it will either error out or not interpret the entirety of the salt.
hope that helps!
gp
Bookmarks