randika · January 30, 2014 07:15
diff --git a/php_crypt_example_with_salt b/php_crypt_example_with_salt
 <?php
 $user_signup_password = 'password';
 $pass = urlencode($user_signup_password);

 $salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22); 


 // 2a is the bcrypt algorithm selector
 // 12 is the workload factor 

 $pass_crypt = crypt($pass, '$2a$12$'. $salt); 

 echo "signup password: ".$pass_crypt; // You save this on database 


 $user_login_password = "password"; // This is what the user will entering when login - change this to see if it works

 echo "<br>";

 // USER AUTH CHECK - compare $user_login_password with $pass_crypt stored in database

 if ($pass_crypt == crypt($user_login_password, $pass_crypt)) {
 	echo "Success! Valid password";
 } else {
 	echo "Invalid password";
 }
 ?>
	<?php
	$user_signup_password = 'password';
	$pass = urlencode($user_signup_password);

	$salt = substr(str_replace('+', '.', base64_encode(sha1(microtime(true), true))), 0, 22);


	// 2a is the bcrypt algorithm selector
	// 12 is the workload factor

	$pass_crypt = crypt($pass, '$2a$12$'. $salt);

	echo "signup password: ".$pass_crypt; // You save this on database


	$user_login_password = "password"; // This is what the user will entering when login - change this to see if it works

	echo "<br>";

	// USER AUTH CHECK - compare $user_login_password with $pass_crypt stored in database

	if ($pass_crypt == crypt($user_login_password, $pass_crypt)) {
	echo "Success! Valid password";
	} else {
	echo "Invalid password";
	}
	?>