crypt(): No salt parameter was specified. You must use a randomly generated salt and a strong hash function to produce a secure hash function [closed]

java javascript php php5 php7

The salt parameter is optional. However, crypt() creates a weak hash without the salt, and raises an E_NOTICE error without it. Make sure to specify a strong enough salt for better security.

function generate_salt($len = 8) {
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789`~!@#$%^&*()-=_+';
$l = strlen($chars) - 1;
$str = '';
for ($i = 0; $i<$len; ++$i) {
    $str .= $chars[rand(0, $l)];
}
return $str;

}

$generate_salt = generate_salt($len = 8); $str = "$5$" . $generate_salt . "$"; $c = crypt(uniqid(), $str); echo $c; // $5$ot6wbbf+$wtwWCC8wmE01cNeHGGLMGqkWqiDWyHWfdXQvEOLI7.5

This is correct way to generate salt for crypt function.

Related

Is worrying about too many CNAMEs a micro optimization?
Certificates requested through Amazon ACM are stuck in "Pending validation"
Can't access static external IP for Google Cloud Run instance - followed guides (Router, Subnet, NAT, VPC, etc)
Google Cloud: Quota 'C2_CPUS' exceeded Limit: 0.0 in region us-central, but the limit is unlimited
How to change time on local NTP server and distribute to others? [closed]
Microsoft Exchange: difference between a "mailbox" and a "mail user"?
Really destroy all PHP sessions on server
When to run eseutil /d on Exchange 2007 databases?
How to ask systemd why a service was stopped
Does hard drive do read verification at the same time it writes data?
iptables: Packets about generated locally and heading to local
Changing proxy_cache_valid value based on GET Query