Using the PHP Crypt Function - A Practical Example

(Page 2 of 4 )

First let's set up a form for entering a username and password to add a new user into the system. Let's use an example of a form for an admin interface to administer a Company X product database for Web display.

<html>
<head>
<title>Company X Products Admin Application Add New User </title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<h1>Administration Interface login: Add new User</h1>
<form name="form1" method="post" action="admin_login_newuserbe.php">
<p>
<input name="uname" type="text" id="uname" size="8" maxlength="8">
   <strong>Enter User Name</strong>
<br>
<input name="pword" type="password" id="pword" size="8" maxlength="8">
   <strong>Enter Password</strong>
   <br><input type="submit" name="Submit" value="Add">
</p>
</form>
</body>
</html>

When the form is submitted to "admin_login_newuserbe.php" the crypt function is used to encrypt the new username. We first confirm that both fields have entries:

if(empty($_POST[pword]) || empty($_POST[uname]))
{
   echo "<html><head></head>
   <body><h1>You must enter both a username and password.
   <a href = \"admin_login_newuser.html\">Try Again?
   </a></h1></body></html>";
}

Additional validation could be added to this either on the client side (using Javascript) or on the server side as needed. Next we will use crypt to encrypt our password and neatly trim leading and trailing white space from our username. They can then be stored in a database or flat file.

else
{
   $pwrd = crypt(trim("$_POST[pword]"));
   $user = trim("$_POST[uname]");
//Code for accessing you database or flat file goes here.

Next: Login >>
 

More PHP Articles
More By Chris Root

Comments On: Using the PHP Crypt Function

· However, md5() in not encryption, its hashing; just though I would point that...    · Yes actually you are correct. Not a lot of people know the difference but it is an...    · Using a non standard hashing (or crypto) function is a good way to get in troubles...    · Actually Crypt is entirely based on standards. It uses standard ciphers available...    · First thing that came to my mind is implementing this function with passwords. Since...    · The way I would manage this is for a non encrypted version to be stored in a...    · can you explain hashing? new to this, and thought md5 was encrypting the password? ...    · Can anyone tell the difference between hashing and crypting?and which one is...    · The best explanation I have seen for the difference is...    · This is the way it SHOULD be. When a user loses his password, he gets sent a new...    · With appreciation to the author, there are serious weaknesses here. 1) Crypt()...    · Has nobody spotted the obvious flaw here? You are still sending the password in...   >>> Post your comment now!