0
I have a Shell script that generates a password randomly and saves it in pass.txt.
In php I have the code below, which opens this pass.txt, takes the password that is in it and generates the Hash overriding the pass.txt. With this hash I saved in mysql database:
<?php
$senha1 = file_get_contents("/tmp/pass.txt");
#$senha1 = trim($senha1);
$senha1 = preg_replace('/s(?=s)/', '', $senha1);
$senha1 = preg_replace('/[nrt]/', ' ', $senha1);
$senha1 = preg_replace('/\\s\\s+/', ' ', $senha1);
$senha1 = password_hash($senha1, PASSWORD_BCRYPT, [cost => 12]);
$arquivo = "/tmp/pass.txt";
$fp = fopen($arquivo, "r+");
fwrite($fp, $senha1);
fclose($fp);
?>
However, this process is all automated and sometimes the system logs and sometimes not. I did the manual process and at this time no access is allowed with the user and password that is generated. I do not know if in this process, when generating the Hash, some garbage is being inserted and etc. But I used replace to test remove waste.
The only "strange" situation is that it generates this Warning when php runs:
PHP Warning: Use of undefined constant cost - assumed 'cost' (this will
throw an Error in a future version of PHP)
Use the function password_verify to validate the password.
Through some tests, setting the password in a variable in the own PHP and generating the Hash through this variable works. But if the password is in a TXT and I take the information that is in this TXT and encrypt the password, it does not work.
The correct is
password_hash($senha1, PASSWORD_BCRYPT, ["cost" => 12]);– Valdeir Psr
Warning is gone. Thank you. But I ran php in the password we created in pass.txt , the hash is generated, the mysql game hashed and still does not access.
– user54154