Last active
September 30, 2023 13:19
-
-
Save syntaxseed/37b3fbe65a4fa67879aa3ce1af130131 to your computer and use it in GitHub Desktop.
Legacy Password Hashing (Do not Use)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| class PassHash { | |
| //blowfish | |
| private $algo = '$2a'; | |
| // cost paramter | |
| private $cost = '$10'; | |
| private $salt = ''; | |
| //creates a salt | |
| private function unique_salt() { | |
| $this->salt = substr(sha1(mt_rand()),0,21); //sha1 hash a random number that takes the first 22 characters and stores the Hash in $hash | |
| } | |
| private function find_salt($hashed_password) { | |
| $this->salt = substr($hashed_password, 7, 21); | |
| } | |
| // this will generate a hash | |
| public function hash_password($password) { | |
| $this->unique_salt(); | |
| return crypt( $password, $this->algo . $this->cost . '$' . $this->salt .'$' ); | |
| } | |
| public function check_hash($raw_password, $hashed_password) { | |
| $this->find_salt($hashed_password); | |
| if (crypt($raw_password, $this->algo . $this->cost . '$' . $this->salt .'$') == $hashed_password){ | |
| return true; | |
| } | |
| return false; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment