I'm just trying a few things with encrypt() and decrypt() in PHP, and I'm getting Unsupported function errors referencing them?

Here's the code:

<?
$mess = &quot;just a message&quot;;
$passwd = &quot;password&quot;;
$data = encrypt($mess,0,$passwd);
print(decrypt($data,0,$passwd));
?>


Is there anything obviously wrong? Thanks
Sneaky

I just RTFM, and noticed that it doesn't even list functions for encrypt or decrypt, just crypt, although the book demonstrates uses of all three. :(

crypt() is a one way street and I *think* it's the same as htpasswd's encryption (using Unix/Linux crypt function). Encrypt and decrypt I think are part of a library or module or something...

Also note that on Windows, crypt() does squat :(

------------------
Justin Nelson
FutureQuest Support

Justin: Even with the crypt module enabled?
------------------
"Okay, so I'm not "SANE" so to speak, but uh... I'm the lovable kind of psycho"
http://solareclipse.net/

I tried that on my system, and it still will not work... I'm not sure why, but I do know that for .htaccess protected directories there is no encryption on the passwords (which sucks) - I'm sure NT has some form of encryption... then again, maybe not...

------------------
Justin Nelson
FutureQuest Support

Yeah, for now, I'm just crypting a person's password with a salt and storing it in a file. When they need access again, I'll encrypt their password and compare it to the encrypted password in the file. The only problem (or feature) is that you can't decrypt a password using crypt(). I think its just standard DES encryption, isn't it?

nope...[nbsp][nbsp]crypt() was designed to be a one-way hash, with no decryption methods other than brute force...[nbsp][nbsp]crypt is pretty darn good that there are no known cryptoanalysis methods to undo it...

In parlance, it has 4092 permutations driven by the salt and takes brute force (stepping through every possible value) to find the plaintext...[nbsp][nbsp]You can also run dictionaries against it, as most people use common words... :(

Even corrupted (b0rk3d) passwords don't stand up well to dictionary cracks, cause most of the crackers are coded specifically to h4nd13 such w0rd5... ;)

--
Terra
--Official member of the rat race--
FutureQuest

Hehehehe!

http://www.leonatkinson.com/index.php3?screen=eng_book_errata

--
Terra
--Oooops--
FutureQuest

There's (sort of) a BUG in the BOOK?

Thanks Terra!

Sneaky

Thanks, I think just crypt() will work for now, and I'll take a look into PGP later.

I've got some governement nuclear bomb designs I'm trying to smuggle to China. :)

Sneaky

Hey Terra, are we able to use:

dl(&quot;crypt.dll&quot;);

in our PHP scripts. Just wondering. Thanks

Sneaky

I'm pretty sure I can't load up .dll files as those are for MS based systems...

I would recommend poking around the mailing list archives to see if such an animal exists for Unix (full encryption <--> decryption) methods...

If I was faced with this, I would just use pgp to do the work...

--
Terra
--When is not knowing, sorta knowing--
FutureQuest