XVI. Crack Functions


These functions allow you to use the CrackLib library to test the 'strength' of a password. The 'strength' of a password is tested by that checks length, use of upper and lower case and checked against the specified CrackLib dictionary. CrackLib will also give helpful diagnostic messages that will help 'strengthen' the password.

注: 本扩展已被移动到 PECL 库中且自以下版本起不再被绑定到 PHP 中:5.0.0.


More information regarding CrackLib along with the library can be found at http://www.crypticide.com/users/alecm/.


PECL 扩展未绑定于 PHP 中。 进一步信息例如新版本,下载,源程序,维护者信息以及更新日志可以在此找到: http://pecl.php.net/package/crack.

在 PHP 4 中本 PECL 扩展的源程序位于 PHP 源程序中的 ext/ 目录下或者在上面的 PECL 连接中。 In order to use these functions you must compile PHP with Crack support by using the --with-crack[=DIR] configuration option.

Windows users will enable php_crack.dll inside of php.ini in order to use these functions. 在 PHP 4 中本 DLL 位于 PHP Windows 执行包中的 extensions/ 目录下。 可以从 PHP 下载页面或者 http://snaps.php.net/ 下载此 PECL 扩展的 DLL 文件。


这些函数的行为受 php.ini 的影响。

表格 1. Crack configuration options

crack.default_dictionaryNULLPHP_INI_SYSTEMAvailable since PHP 4.0.5.
有关 PHP_INI_* 常量进一步的细节与定义参见附录 G






This example shows how to open a CrackLib dictionary, test a given password, retrieve any diagnostic messages, and close the dictionary.

例子 1. CrackLib example

// Open CrackLib Dictionary
$dictionary = crack_opendict('/usr/local/lib/pw_dict')
     or die(
'Unable to open CrackLib dictionary');

// Perform password check
$check = crack_check($dictionary, 'gx9A2s0x');

// Retrieve messages
$diag = crack_getlastmessage();
$diag; // 'strong password'

// Close dictionary

注: If crack_check() returns TRUE, crack_getlastmessage() will return 'strong password'.

crack_check -- Performs an obscure check with the given password
crack_closedict -- Closes an open CrackLib dictionary
crack_getlastmessage -- Returns the message from the last obscure check
crack_opendict -- Opens a new CrackLib dictionary

add a note add a note User Contributed Notes
rats at ratsnet dot org
04-Aug-2006 07:02
Here is forgotten the URL: http://sourceforge.net/projects/cracklib
11-Jul-2006 11:57
This is the new CrackLib homepage!
cyril at feraudet dot com
12-Aug-2005 04:32
differents messages returned by crack_getlastmessage () :
- "you are not registered in the password file"
- "it is based on your username"
- "it is based upon your password entry"
- "it is derived from your password entry"
- "it's derived from your password entry"
- "it is derivable from your password entry"
- "it's derivable from your password entry"
- "it's WAY too short"
- "it is too short"
- "it does not contain enough DIFFERENT characters"
- "it is all whitespace"
- "it is too simplistic/systematic"
- "it looks like a National Insurance number."
- "it is based on a dictionary word"
- "it is based on a (reversed) dictionary word"

Cyril Feraudet
14-May-2002 07:36
Following the source of Cracklib 2.7 possible return strings are:
- it is based on a dictionary word
- it is based on a (reversed) dictionary word
- it's WAY too short
- it is too short
- it does not contain enough DIFFERENT characters
- it is all whitespace
- it is too simplistic/systematic
- it looks like a National Insurance number
It may be useful for example in localization of your scripts...