Skip to Main Content
PHP in a Nutshell
book

PHP in a Nutshell

by Paul Hudson
October 2005
Intermediate to advanced content levelIntermediate to advanced
372 pages
11h 35m
English
O'Reilly Media, Inc.
Content preview from PHP in a Nutshell

Name

sha1()

Synopsis

    string sha1 ( string str [, bool raw_output] )

SHA stands for the "Secure Hash Algorithm," and it is a way of converting a string of any size into a 40-bit hexadecimal number that can be used for verification. Checksums are like unidirectional (one-way) encryption designed to check the accuracy of input. By unidirectional, I mean that you cannot run $hash = sha1($somestring), then somehow decrypt $hash to get $somestring—it is just not possible, because a checksum does not contain its original text.

Checksums are a helpful way of storing private data. For example, how do you check whether a password is correct?

    if ($password =  = "Frosties") {
            // ........
    }

While that solution works, it means that whoever reads your source code gets your password. Similarly, if you store all your users' passwords in your database and someone cracks it, you will look bad. If you have the passwords of people on your database, or in your files, then malicious users will not be able to retrieve the original password.

The downside of that is that authorized users will not be able to get at the passwords either—whether or not that is a good thing varies from case to case, but usually having checksummed passwords is worthwhile. People who forget their password must simply reset it to a new password as opposed to retrieving it.

Checksumming is also commonly used to check whether files have downloaded properly—if your checksum is equal to the correct checksum value, then you have downloaded ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

PHP Cookbook

PHP Cookbook

Eric A. Mann
Programming PHP

Programming PHP

Rasmus Lerdorf, Kevin Tatroe
Learning PHP

Learning PHP

David Sklar

Publisher Resources

ISBN: 0596100671Errata Page