PHP crypt() Function

PHP crypt()

The crypt() function encrypts a string using DES, Blowfish, MD5, or alternative algorithms that may be available on the system.

The salt parameter is optional. However, crypt() creates a weak hash without the salt.

Note: It is recommended to use password_hash() to generate a strong salt.

Warning: There is no decrypt function. The crypt() function uses a one-way algorithm.

Warning: This function is not (yet) binary safe!

Example

PHP Compiler
<?php $str = crypt("PHP World", 'shhh'); echo ($str); ?>

Syntax

crypt(str, salt)

Parameter Values

ValueTypeExplanation
cryptRequiredSpecifies the string to be encrypted
saltOptionalSpecifies a string to base the hashing on.

Return Value

ValueExplanation
StringReturns a hashed string.

Hash Types

On systems where the crypt() function supports multiple hash types, the following constants are set to 0 or 1 depending on whether the given type is available:

Hash TypesExplanation
CRYPT_STD_DESStandard DES-based hash with a two character salt from the alphabet "./0-9A-Za-z".
Using invalid characters in the salt will cause crypt() to fail.
CRYPT_EXT_DESExtended DES-based hash.
The "salt" is a 9-character string consisting of an underscore followed by 4 bytes of iteration count and 4 bytes of salt.
These are encoded as printable characters, 6 bits per character, least significant character first.
The values 0 to 63 are encoded as "./0-9A-Za-z".
Using invalid characters in the salt will cause crypt() to fail.
CRYPT_MD5MD5 hashing with a twelve character salt starting with $1$.
CRYPT_BLOWFISHBlowfish hashing with a salt as follows: "$2a$", "$2x$" or "$2y$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z".
Using characters outside of this range in the salt will cause crypt() to return a zero-length string.
The two digit cost parameter is the base-2 logarithm of the iteration count for the underlying Blowfish-based hashing algorithmeter and must be in range 04-31, values outside this range will cause crypt() to fail.
CRYPT_SHA256SHA-256 hash with a sixteen character salt prefixed with $5$.
If the salt string starts with 'rounds=<N>$', the numeric value of N is used to indicate how many times the hashing loop should be executed, much like the cost parameter on Blowfish.
The default number of rounds is 5000, there is a minimum of 1000 and a maximum of 999,999,999.
Any selection of N outside this range will be truncated to the nearest limit.
CRYPT_SHA512 SHA-512 hash with a sixteen character salt prefixed with $6$.
If the salt string starts with 'rounds=<N>$', the numeric value of N is used to indicate how many times the hashing loop should be executed, much like the cost parameter on Blowfish.
The default number of rounds is 5000, there is a minimum of 1000 and a maximum of 999,999,999.
Any selection of N outside this range will be truncated to the nearest limit.

Join Our Channel

Join our telegram channel to get an instant update on depreciation and new features on HTML, CSS, JavaScript, jQuery, Node.js, PHP and Python.

This channel is primarily useful for Full Stack Web Developer.

Share this Page

Meet the Author