StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POMemory limit reached while exectuting a PHP script
primarykey
Id
14032115
data
AcceptedAnswerId
14032278
AnswerCount
1
ClosedDate
CommentCount
1
CommunityOwnedDate
CreationDate
2012-12-25T15:57:33.607
FavoriteCount
0
LastActivityDate
2012-12-25T16:22:30.473
LastEditDate
LastEditorUserId
0
OwnerUserId
1928216
ParentId
0
PostTypeId
1
Score
0
ViewCount
231
LastEditorDisplayName
text
Body
I am currently revising my register script to add PDO and bcrypt. However I run into an error I feel when I try to iterate my hash. I had the rounds initially set to 10000 as I seen tutorials with rounds of 60000+ but that was taking ages. So then I set it to 2 just to test it out and then I got an error : <pre><code>[Tue Dec 25 10:45:07 2012] [error] [] PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 133431193 bytes) in /var/www/register_script.php on line 28, referer: </code></pre> My entire register script goes as fallows : <pre><code><?php //Minor work needed need to finish user verification $host="localhost"; // Host name $username="root"; // Mysql username $password="testdbpass"; // Mysql password $db_name="test"; // Database name // Connect to server via PHP Data Object $dbh = new PDO("mysql:host=localhost;dbname=test;", $username, $password); $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); CRYPT_BLOWFISH or die ('No Blowfish found.'); // Creating the salt $Blowfish_Pre = '$2y$15$'; $Blowfish_End = '$'; $Allowed_Chars = '/.ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; $char_len = 63; $salt_length = 60; for($round=0;$round<$salt_length;$roundi++) { $salt .= $Allowed_Chars[mt_rand(0,$char_len)]; } $bcrypt_salt = $Blowfish_Pre . $salt . $Blowfish_End; //Salt creating stops here //Creating the hash and password $password = $_POST['password']; $hashed_password = crypt($password, $bcrypt_salt); for($round=0; $round<2; $round++) { $hashed_password = crypt($password, $bcrypt_salt); } // Insert statements with PDO try { $query = $dbh->prepare("INSERT INTO `users_blowfish` (username, email, fname, lname, salt, password) VALUES (:username, :email, :first, :last, :salt, :hash)"); $query->execute( array( 'username' => $_POST['username'], 'email' => $_POST['email'], 'first' => $_POST['fname'], 'last' => $_POST['lname'], 'salt' => $bcrypt_salt, 'hash' => $hashed_password )); } catch (PDOException $e) { error_log($e->getMessage()); die($e->getMessage()); } $dbh= null; ?> <html> <body> Thank you for registering your account. Please wait for administrator approval before doing anything else. Thank you - System Administrator. </body> </html> </code></pre> If I take out the for statement : <pre><code>$hashed_password = crypt($password, $bcrypt_salt); for($round=0; $round<2; $round++) { $hashed_password = crypt($password, $bcrypt_salt); } </code></pre> Then it all work. However what confuses me is that I have two for statements the one above ^ and this one : <pre><code>$salt_length = 60; for($round=0;$round<$salt_length;$roundi++) { $salt .= $Allowed_Chars[mt_rand(0,$char_len)]; } </code></pre> I guess my questions summed up are 1) Why does the for statement by the hash make the registration extremely slow and the for statement by the salt creation doesn't affect the speed of registration?
Tags
<php><hash><iteration><salt><bcrypt>
Title
Memory limit reached while exectuting a PHP script
singulars
PostAcceptedAnswerId
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
PostParentId
1. This table or related slice is empty.
PostTypePostTypeId
1. PTQuestion
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. USRixhers Ajazi
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. PO
 singulars
 PostTypePostTypeId
 PTAnswer
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId
1. COYou should not need to manually implement rounds for bcrypt. Don't roll your own, use something that already exists, like http://www.openwall.com/phpass/
 singulars
 PostPostId
 POMemory limit reached while exectuting a PHP script
 UserUserId
 USAmber

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.