Adding salt to hash and generating url...?

Question

I'm finding this a very difficult subject to find a definitive answer for! Hoping you guys can help...

I have the following code

<form action='test2.php?' name ='gen' method='post'>
Text to hash <input type='text' name='pass'><br />
         <input type='submit' value='Go!'>
</form>

<?php
$pass2=$_POST['pass'];
$pass=md5($pass2);
echo $pass;
?>

How would I add a SPECIFIC salt code to the end of the text that the user will input? For example, if the user input PETERPAN, I would like to input ;LivesForever as the salt, which would then obviously return a hash code.

Then I'd like to produce a url using BOTH the input text and the hashed code. This would just need to appear in a div below the input box.

So the url would look like this...

http://www.website.com/+USER_INPUT_VALUE+/randomfolder/+HASH_PRODUCED+

Obviously the produced url won't look exactly like that but you get the idea...

I'm struggling to find an answer to this!

thanks guys

Answer 1

from what you describe:

$random = 'dolly'; // specific salt
$pass2 = $_POST['pass'] . $random; // add it to user input

$pass = md5($pass2); // md5() both

$url = 'http://www.website.com/'.$_POST['pass'].'/'.$random.'/'.$pass; // the url you need

echo $pass.'<br>'.$url;

Answer 2

You could do a salt by doing something like

$pass = md5($pass2 . $salt)

However, if you want to actually do a secure hash, a function like password_hash is more suitable.

Note that a hash is not just a catch-all security method. Depending on what your use-case is, this may not be very secure. It's worthwhile to look into potential security vectors before using hashes.

Answer 3

You could just concatenate the salt string to the end of the user inputted string.

<?php
    $pass2=$_POST['pass'] . 'LivesForever';
    $pass=md5($pass2);
    echo $pass;
?>

Then build the url:

$url = 'http://www.website.com/' . $_POST['pass'] . '/' . $randomfolder . '/' . $pass;