Posted By

sarfraznawaz2005 on 01/19/11


Tagged

php security hash


Versions (?)

Hashing Class


 / Published in: PHP
 

Hashing class for user login and registration

  1. class PassHash {
  2.  
  3. // blowfish
  4. private static $algo = '$2a';
  5. /*
  6.   The Blowfish algorithm may not be implemented in all systems,
  7.   even though it is quite popular by now. You may check your
  8.   system with this code:
  9.  
  10.   if (CRYPT_BLOWFISH == 1) {
  11.   echo "Yes";
  12.   } else {
  13. echo "No";
  14.   }
  15.  
  16.   */
  17.  
  18.  
  19. // cost parameter
  20. private static $cost = '$10';
  21.  
  22. // mainly for internal use
  23. public static function unique_salt() {
  24. return substr(sha1(mt_rand()),0,22);
  25. }
  26.  
  27. // this will be used to generate a hash
  28. public static function hash($password) {
  29.  
  30. return crypt($password,
  31. self::$algo .
  32. self::$cost .
  33. '$' . self::unique_salt());
  34.  
  35. }
  36.  
  37. // this will be used to compare a password against a hash
  38. public static function check_password($hash, $password) {
  39.  
  40. $full_salt = substr($hash, 0, 29);
  41.  
  42. $new_hash = crypt($password, $full_salt);
  43.  
  44. return ($hash == $new_hash);
  45.  
  46. }
  47.  
  48. }

Report this snippet  

You need to login to post a comment.