XIV. Crack Functions

Introduction

These functions allow you to use the CrackLib library to test the 'strength' of a password. The 'strength' of a password is tested by that checks length, use of upper and lower case and checked against the specified CrackLib dictionary. CrackLib will also give helpful diagnostic messages that will help 'strengthen' the password.

Note: This extension has been moved to the PECL repository and is no longer bundled with PHP as of PHP 5.0.0.

Requirements

More information regarding CrackLib along with the library can be found at http://www.crypticide.com/users/alecm/.

Installation

This PECL extension is not bundled with PHP. Additional information such as new releases, downloads, source files, maintainer information, and a CHANGELOG, can be located here: http://pecl.php.net/package/crack.

In PHP 4 this PECL extensions source can be found in the ext/ directory within the PHP source or at the PECL link above. In order to use these functions you must compile PHP with Crack support by using the --with-crack[=DIR] configuration option.

Windows users will enable php_crack.dll inside of php.ini in order to use these functions. In PHP 4 this DLL resides in the extensions/ directory within the PHP Windows binaries download. You may download this PECL extension DLL from the PHP Downloads page or at http://snaps.php.net/.

Runtime Configuration

The behaviour of these functions is affected by settings in php.ini.

Table 1. Crack configuration options

Name	Default	Changeable	Changelog
crack.default_dictionary	NULL	PHP_INI_SYSTEM	Available since PHP 4.0.5.

For further details and definitions of the PHP_INI_* constants, see the Appendix H.

Resource Types

This extension has no resource types defined.

Predefined Constants

This extension has no constants defined.

Examples

This example shows how to open a CrackLib dictionary, test a given password, retrieve any diagnostic messages, and close the dictionary.
Example 1. CrackLib example

<?php // Open CrackLib Dictionary $dictionary = crack_opendict('/usr/local/lib/pw_dict') or die('Unable to open CrackLib dictionary'); // Perform password check $check = crack_check($dictionary, 'gx9A2s0x'); // Retrieve messages $diag = crack_getlastmessage(); echo $diag; // 'strong password' // Close dictionary crack_closedict($dictionary); ?>

Note: If crack_check() returns TRUE, crack_getlastmessage() will return 'strong password'.

Table of Contents
crack_check -- Performs an obscure check with the given password
crack_closedict -- Closes an open CrackLib dictionary
crack_getlastmessage -- Returns the message from the last obscure check
crack_opendict -- Opens a new CrackLib dictionary

User Contributed Notes
Crack Functions

slayoo(at)staszic(dot)waw(dot)pl
14-May-2002 07:36


Following the source of Cracklib 2.7 possible return strings are:

- it is based on a dictionary word

- it is based on a (reversed) dictionary word

- it's WAY too short

- it is too short

- it does not contain enough DIFFERENT characters

- it is all whitespace

- it is too simplistic/systematic

- it looks like a National Insurance number

It may be useful for example in localization of your scripts...

clay at killersoft dot com
05-Apr-2002 01:01


If you set a "crack.default_dictionary" value in your php.ini file, you don't need to call the "crack_opendict" and "crack_closedict" functions.



Example php.ini entry:



[Crack]

crack.default_dictionary = "/usr/local/lib/pw_dict"



Enables this:



<?php

// Perform password check

$check = crack_check('Twawt-Alv2');



// Retrieve messages

$diag = crack_getlastmessage();

echo $diag; // 'strong password'

?>



----------------------

Check out validateEmail.php 2.0

http://www.killersoft.com/contrib/