vpopmail password encrypt from PHP

http://www.mail-archive.com/vchkpw@inter7.com/msg08608.html

> ----- Original Message ----- 
> From: "Peter Palmreuther" <lists@pitpalme.de>
> To: <vchkpw@inter7.com>
> Sent: Monday, August 26, 2002 8:51 PM
> Subject: Re: [vchkpw]passwrod encrypted method
>

> Hello zafar,
> 
> On Monday, August 26, 2002 at 10:04:27 AM you wrote:
> 
> > i want to know that thing ,that when new user add in through vpopmail in
> > any domain ,what algorithum vpopmail is use to encrypt password
> 
> crypt with MD5
> 
> > and now i want to decrypt it through php.
> 
> Impossible. It's a one way encryption. Decryption is not possible.
> 
> > plz tell me the encrypted method of vpopmail.
> 
> To encrypt passwords using PHP, e.g. to write them to a database (like if
> you're using vpopmail w/ MySQL and want users to change the password from
> your web site) you can use the following code:
> 
> ,-----= [ adopted from vpopmail-source ] =-----
> <?php
> function randltr() {
> $retval = 'a';
> $rand = rand() % 64;
> if ($rand < 26) $retval = $rand + 'a';
> if ($rand > 25) $retval = $rand - 26 + 'A';
> if ($rand > 51) $retval = $rand - 52 + '0';
> if ($rand == 62) $retval = ';';
> if ($rand == 63) $retval = '.';
> return($retval);
> }
> 
> function mkpasswd3(&$clearpass, &$crypted) {
> srand ((double)microtime()*1000000);
> 
> $salt = '$1$';
> for ($i = 0; $i < 5; $i++) $salt .= randltr();
> $salt .= '0';
> 
> $crypted = crypt($clearpass, $salt);
> 
> if (strlen($crypted) > 0) return(true);
> return(false);
> }
> ?>
> `-----=
> 
> and call the functions like in this example:
> 
> ,-----= [ ] =-----
> $clearpass = 'testtest'
> $crypted = '';
> 
> if (mkpasswd3($clearpass, $crypted)) printf("%s -> %s\n", $clearpass, $crypted);
> else echo("Ohoh");
> `-----=
> 
> To figure out if MD5-support is compiled into your PHP execute this code:
> 
> ,-----= [ test for MD5 encryption support ] =-----
> <?php
> printf('CRYPT_MD5: %s%s', CRYPT_MD5, "\n");
> ?>
> `-----=
> 
> > i install it with clear password option also.
> 
> You won't need to decrypt if clear-password is enabled. The clear password
> then will be already present.
> But you'll have to remember updating encrypted _AND_ clear password if you
> use above PHP functions!!!
> -- 
> Best regards
> Peter Palmreuther mailto:lists@pitpalme.de