PHP Basic
PHP HOME PHP Intro PHP Install PHP Syntax PHP Variables PHP String PHP Operators PHP If...Else PHP Switch PHP Arrays PHP Sorting Arrays PHP While Loops PHP For Loops PHP Functions PHP Forms PHP $_GET PHP $_POSTPHP Advanced
PHP Arrays Multi PHP Date PHP Include PHP File PHP File Upload PHP Cookies PHP Sessions PHP E-mail PHP Secure E-mail PHP Error PHP Exception PHP FilterPHP Database
PHP MySQL Intro PHP MySQL Connect PHP CREATE DB/Table PHP INSERT INTO PHP SELECT PHP WHERE PHP ORDER BY PHP UPDATE PHP DELETE PHP ODBCPHP XML
XML Expat Parser XML DOM XML SimpleXMLPHP and AJAX
AJAX Intro AJAX PHP AJAX Database AJAX XML AJAX Live Search AJAX RSS Reader AJAX PollPHP Reference
PHP Array PHP Calendar PHP Date PHP Directory PHP Error PHP Filesystem PHP Filter PHP FTP PHP HTTP PHP Libxml PHP Mail PHP Math PHP Misc PHP MySQLi PHP SimpleXML PHP String PHP XML PHP Zip PHP TimezonesPHP Quiz
PHP Quiz PHP CertificatePHP crypt() Function
Complete PHP String Reference
Definition and Usage
The crypt() function returns a string encrypted using DES, Blowfish, or MD5 algorithms.
This function behaves different on different operating systems, some operating systems supports more than one type of encryption. PHP checks what algorithms are available and what algorithms to use when it is installed.
The exact algorithm depends on the format and length of the salt parameter. Salts help make the encryption more secure by increasing the number of encrypted strings that can be generated for one specific string with one specific encryption method.
There are some constants that are used together with the crypt() function. The value of these constants are set by PHP when it is installed.
Constants:
- [CRYPT_SALT_LENGTH] - The length of the default encryption. With standard DES encryption, the length is 2
- [CRYPT_STD_DES] - Value is 1 if the standard DES algorithm is supported, 0 otherwise. The Standard DES-based encryption has a two character salt
- [CRYPT_EXT_DES] - Value is1 if the extended DES algorithm is supported, 0 otherwise. The Extended DES encryption has a nine character salt
- [CRYPT_MD5] - Value is 1 if the MD5 algorithm is supported, 0 otherwise. The MD5 encryption has a 12 character salt starting with $1$
- [CRYPT_BLOWFISH] - Value is 1 if the Blowfish algorithm is supported, 0 otherwise. The Blowfish encryption has a 22 character salt starting with $2a$, $2x$, or $2y$
- [CRYPT_SHA_256] - Value is 1 if the SHA-256 algorithm is supported, 0 otherwise. The SHA-256 encryption has a 16 character salt starting with $5$
- [CRYPT_SHA_512] - Value is 1 if the SHA-512 algorithm is supported, 0 otherwise. The SHA-512 encryption has a 16 character salt starting with $6$
Note: There is no decrypt function. The crypt() function uses a one-way algorithm.
Syntax
crypt(str,salt)
| Parameter | Description |
|---|---|
| str | Required. Specifies the string to be encoded |
| salt | Optional. A string used to increase the number of characters encoded, to make the encoding more secure. If the salt argument is not provided, one will be randomly generated by PHP each time you call this function. |
Technical Details
| Return Value: | Returns the encoded string or a string that is shorter than 13 characters and is guaranteed to differ from the salt on failure |
|---|---|
| PHP Version: | 4+ |
| Changelog: | $2x$ and $2y$ Blowfish modes wad added in PHP 5.3.7 to deal with
potential high-bit attacks. The constants SHA-256 and SHA-512 was added in PHP 5.3.2 As of PHP 5.3.0, PHP contains its own implementation for the MD5 crypt, Standard DES, Extended DES and the Blowfish algorithms and will use that if the system lacks of support for one or more of the algorithms. |
Example
Example 1
In this example we will test the different algorithms:
<?php
if (CRYPT_STD_DES == 1)
{
echo "Standard DES: ".crypt("hello world")."\n<br>";
}
else
{
echo "Standard DES not supported.\n<br>";
}
if (CRYPT_EXT_DES == 1)
{
echo "Extended DES: ".crypt("hello world")."\n<br>";
}
else
{
echo "Extended DES not supported.\n<br>";
}
if (CRYPT_MD5 == 1)
{
echo "MD5: ".crypt("hello world")."\n<br>";
}
else
{
echo "MD5 not supported.\n<br>";
}
if (CRYPT_BLOWFISH == 1)
{
echo "Blowfish: ".crypt("hello world")."\n<br>";
}
else
{
echo "Blowfish DES not supported.\n<br>";
}
if (CRYPT_SHA256 == 1)
{
echo "SHA-256: ".crypt("hello world")."\n<br>";
}
else
{
echo "SHA-256 not supported.\n<br>";
}
if (CRYPT_SHA512 == 1)
{
echo "SHA-512: ".crypt("hello world");
}
else
{
echo "SHA-512 not supported.";
}
?>
if (CRYPT_STD_DES == 1)
{
echo "Standard DES: ".crypt("hello world")."\n<br>";
}
else
{
echo "Standard DES not supported.\n<br>";
}
if (CRYPT_EXT_DES == 1)
{
echo "Extended DES: ".crypt("hello world")."\n<br>";
}
else
{
echo "Extended DES not supported.\n<br>";
}
if (CRYPT_MD5 == 1)
{
echo "MD5: ".crypt("hello world")."\n<br>";
}
else
{
echo "MD5 not supported.\n<br>";
}
if (CRYPT_BLOWFISH == 1)
{
echo "Blowfish: ".crypt("hello world")."\n<br>";
}
else
{
echo "Blowfish DES not supported.\n<br>";
}
if (CRYPT_SHA256 == 1)
{
echo "SHA-256: ".crypt("hello world")."\n<br>";
}
else
{
echo "SHA-256 not supported.\n<br>";
}
if (CRYPT_SHA512 == 1)
{
echo "SHA-512: ".crypt("hello world");
}
else
{
echo "SHA-512 not supported.";
}
?>
The output of the code above could be (depending on the operating system):
Standard DES: $1$r35.Y52.$iyiFuvM.zFGsscpU0aZ4e.
Extended DES not supported.
MD5: $1$BN1.0I2.$8oBI/4mufxK6Tq89M12mk/
Blowfish DES not supported.
SHA-256 not supported.
SHA-512 DES not supported.
Extended DES not supported.
MD5: $1$BN1.0I2.$8oBI/4mufxK6Tq89M12mk/
Blowfish DES not supported.
SHA-256 not supported.
SHA-512 DES not supported.
Complete PHP String Reference
W3Schools' Online Certification
The perfect solution for professionals who need to balance work, family, and career building.
More than 10 000 certificates already issued!
The HTML Certificate documents your knowledge of HTML.
The HTML5 Certificate documents your knowledge of advanced HTML5.
The CSS Certificate documents your knowledge of advanced CSS.
The JavaScript Certificate documents your knowledge of JavaScript and HTML DOM.
The jQuery Certificate documents your knowledge of jQuery.
The XML Certificate documents your knowledge of XML, XML DOM and XSLT.
The ASP Certificate documents your knowledge of ASP, SQL, and ADO.
The PHP Certificate documents your knowledge of PHP and SQL (MySQL).
Your suggestion:
Close [X]
Thank You For Helping Us!
Your message has been sent to W3Schools.
Close [X]
