Php blowfish hashing with crypt (): CLI result differs from webserver one

Question

When I use the php crypt () function using Blowfish algorithm with webserver :

<?php

    echo crypt('SAD123', sprintf('$2a$10$%s', '7711cbpe58dfpogiu049857f011werb0'));

I get this result:

$2a$10$7711cbpe58dfpogiu0498u5Vh773A3qx.3LE3ro3NX7F9c9N7.pOm

But if I use the command line PHP interpreter :

php -r "echo crypt('SAD123', sprintf('$2a$10$%s', '7711cbpe58dfpogiu049857f011werb0'));"

I am getting the following output:

a0SqNHxQ8/2mA

Do you have any ideas?

System: Apache / 2.2.3 (CentOS), PHP 5.4.26

+3

Alexander 01 oct. '14 at 7:00

1 answer

Quasdunk · Accepted Answer · 2014-10-01T07:24:11+0000

This is because dollar signs followed by digits on the command line are also interpreted as positional parameters in bash.

When you leave them, it will work as expected:

$ php -r "echo crypt('SAD123', sprintf('\$2a\$10$%s', '7711cbpe58dfpogiu049857f011werb0'));"

So, if you want to tinker with some PHP on your line, you should just run it interactively:

$ php -a
php > echo crypt('SAD123', sprintf('$2a$10$%s', '7711cbpe58dfpogiu049857f011werb0'));