Created
August 16, 2014 14:07
-
-
Save fordarnold/91e2e01be758e13887bc to your computer and use it in GitHub Desktop.
Password Hashing PHP Class
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Hashing user passwords | |
| * | |
| * @author Ravi Tamada | |
| * @source http://www.androidhive.info/2014/01/how-to-create-rest-api-for-android-app-using-php-slim-and-mysql-day-23/ | |
| */ | |
| class PassHash{ | |
| // blowfish algo | |
| private static $algo = '$2a'; | |
| // cost parameter | |
| private static $cost = '$10'; | |
| // Creating hashing salt | |
| public static function unique_salt(){ | |
| return substr( sha1(mt_rand()), 0, 22 ); | |
| } | |
| /** | |
| * Generate password hash | |
| */ | |
| public static function hash($password){ | |
| return crypt( $password, self::$algo . self::$cost . '$' . self::unique_salt() ); | |
| } | |
| /** | |
| * Compare password against a hash | |
| */ | |
| public static function check_password($hash, $password){ | |
| $full_salt = substr($hash, 0, 29); | |
| $new_hash = crypt($password, $full_salt); | |
| return ($hash == $new_hash); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment