php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Doc Bug #69157 typo
Submitted: 2015-03-02 13:42 UTC Modified: 2015-03-02 19:58 UTC
From: zorro_damian at hotmail dot com Assigned: aharvey (profile)
Status: Closed Package: Unknown/Other Function
PHP Version: Irrelevant OS: Irrelevant
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: zorro_damian at hotmail dot com
New email:
PHP Version: OS:

 

 [2015-03-02 13:42 UTC] zorro_damian at hotmail dot com 
Description:
------------
Wrong example script at 
http://php.net/manual/en/function.crypt.php => 'Example #1 crypt() examples'.

WRONG:
if (hash_equals($hashed_password, crypt($user_input, $hashed_password)) {
   echo "Password verified!";
}

GOOD:
if (hash_equals($hashed_password, crypt($user_input, $hashed_password))) {
   echo "Password verified!";                                          ^
}                                                               This fixes it.

The example script closes the: crypt(), hash_equals(), but not the if().

Test script:
---------------
<?php
$hashed_password = crypt('mypassword');

/* You should pass the entire results of crypt() as the salt for comparing a
   password, to avoid problems when different hashing algorithms are used. (As
   it says above, standard DES-based password hashing uses a 2-character salt,
   but MD5-based hashing uses 12.) */
if (hash_equals($hashed_password, crypt($user_input, $hashed_password))) {
   echo "Password verified!";
}
?>

Expected result:
----------------
Irrelevant

Actual result:
--------------
Irrelevant

Patches

typo_fix_crypt (last revision 2015-03-02 13:42 UTC by zorro_damian at hotmail dot com)

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2015-03-02 18:04 UTC] aharvey@php.net 
Automatic comment from SVN on behalf of aharvey
Revision: http://svn.php.net/viewvc/?view=revision&amp;revision=336026
Log: I parenthesis good.

Fixes doc bug #69157 (typo).
 [2015-03-02 18:04 UTC] aharvey@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: aharvey
 [2015-03-02 18:04 UTC] aharvey@php.net 
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

Whoops. )))
 [2015-03-02 19:58 UTC] zorro_damian at hotmail dot com 
Yes, that's better! (-:
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat Jul 05 04:01:35 2025 UTC