to use CRYPT_BLOWFISH on php 5.2 that doesn't support it

Question

I am running my page on PHP 5.2 that does not support CRYPT_BLOWFISH but CRYPT_MD5, and have heard that the blowfish is much more safer than md5.

Since I am not the supervisor thing, I can not upgrade PHP to a version that supports it.

Is there any hack for using CRYPT_BLOWFISH on PHP 5.2?

and,

$hash_key = crypt($something, '$2a$anySalt');

is pasting '$2a$' at the very first side correct?

quite confused.

P.s. If I use crypt() with CRYPT_BLOWFISH, will bcrypt work well in the crypt() function?

Answer 1

You can use PHPASS which has fallbacks to support systems that don't support CRYPT_BLOWFISH. Otherwise you can't really use bcrypt from PHP that I know of.