01277: Using crypt() w/o salt in PHP 5.6 versions causes PmWiki problems
Description: Hi,
using crypt() with older versions of PHP, e.g., 5.2.4, return an empty result if no salt is provided.
This causes problems with PmWiki as the login into password-protected pages is not possible and using ?action=crypt also returns only an empty string.
"Bug"-report: https://bugs.php.net/bug.php?id=45655
Cheers,
~AM
Reference: http://php.net/manual/en/function.crypt.php. --Petko January 05, 2012, at 04:32 PM
+1 on this, I still have that problem, crypt doesn't work and this causes all passwords to be ignored, once you delete crypt, you cannot login anymore. It took days to find this bug, hence my verbose statement so other people can find this page on Google.
Could there be an alternative to using PHPs crypt function?
Server info: Apache/2.2.8 (Ubuntu) DAV/2 SVN/1.5.1 PHP/5.2.4-2ubuntu5.27 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g Server at
Note, PHP 5.6.0 will raise E_NOTICE security warning if salt is omitted. --Petko February 15, 2014, at 01:51 PM
Closing this entry as the core was fixed for PHP 5.6. Should there be a need to work on the PHP5.2 issue please say so and we may be able to adjust the new pmcrypt() function. --Petko June 19, 2015, at 05:28 PM