PHP: md5 - Manual (original) (raw)

(PHP 4, PHP 5, PHP 7, PHP 8)

md5 — Calculate the md5 hash of a string

Warning

It is not recommended to use this function to secure passwords, due to the fast nature of this hashing algorithm. See thePassword Hashing FAQ for details and best practices.

Description

Parameters

string

The string.

binary

If the optional binary is set to [true](reserved.constants.php#constant.true), then the md5 digest is instead returned in raw binary format with a length of 16.

Return Values

Returns the hash as a 32-character hexadecimal number.

Examples

Example #1 A md5() example

`<?php
$str = 'apple';

if (

md5($str) === '1f3870be274f6c49b3e31a0c6728957f') {
echo "Would you like a green or red apple?";
}
?>`

See Also

• hash() - Generate a hash value (message digest)
• password_hash() - Creates a password hash

Found A Problem?

yiminrong at yahoo dot ca ¶

4 years ago

Regarding Ray Paseur's comment, the strings hash to:

0e462097431906509019562988736854
0e830400451993494058024219903391

The odds of getting a hash exactly matching the format /^0+e[0-9]+$/ are not high but are also not negligible.

It should be added as a general warning for all hash functions to always use the triple equals === for comparison.

Actually, the warning should be in the operators section when comparing string values! There are lots of warnings about string comparisons, but nothing specific about the format /^0+e[0-9]+$/.

Ray.Paseur sometimes uses Gmail ¶

7 years ago

md5('240610708') == md5('QNKCDZO')

This comparison is true because both md5() hashes start '0e' so PHP type juggling understands these strings to be scientific notation.  By definition, zero raised to any power is zero.