ozh / phpass
Portable PHP password hashing framework
Installs: 65 050
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 2
Forks: 0
Open Issues: 0
Requires
- php: >=5.6
Requires (Dev)
- phpunit/phpunit: >=4.0
README
This is Openwall's Phpass, based on the 0.5 release, but modernized slightly:
- Namespaced
- Composer support (Autoloading)
- Unit Tested
The modernization has been done by Hautelook, from whom I stole this library to originally repackage it for PHP 5.3 to 7.0 compatibility in a single file and branch (Hautelook's port consisting of two branches, one for PHP 5.3 to 5.5, and another one for 5.6+).
Current version requires PHP 5.6+
Installation
Add this requirement to your composer.json
file and run composer install
:
{
"require": {
"ozh/phpass": "1.3.0"
}
}
Usage
The following example shows how to hash a password (to then store the hash in the database), and how to check whether a provided password is correct (hashes to the same value):
<?php namespace Your\Namespace; use Ozh\Phpass\PasswordHash; require_once(__DIR__ . "/vendor/autoload.php"); // or require_once('path/to/src/Ozh/Phpass/PasswordHash.php'); $passwordHasher = new PasswordHash(8,false); // Encrypt $password = $passwordHasher->HashPassword('secret'); var_dump($password); // Will output something like: // '$2a$08$a6XFLs8SrjClF1szoDDkI.6gtWVb4//QnzUjkxlus83AKCNjuD8Ha' (length=60) // '$2a$08$Qze1smZ//VAwHJ1t52zklOY/yLwlbKR6Ighf6B7uqGXdYVozTPEdG' (length=60) // '$2a$08$u2uKfE9igO.Cz0SptWxlXeVi0CQglfl3FdRK3YpbGm1NfF1d.CFPm' (length=60) // Decrypt var_dump( $passwordHasher->CheckPassword('secret', '$2a$08$0RK6Yw6j9kSIXrrEOc3dwuDPQuT78HgR0S3/ghOFDEpOGpOkARoSu') ); // true var_dump( $passwordHasher->CheckPassword('secret', '$2a$08$Qze1smZ//VAwHJ1t52zklOY/yLwlbKR6Ighf6B7uqGXdYVozTPEdG') ); // true var_dump( $passwordHasher->CheckPassword('secret', '$2a$08$u2uKfE9igO.Cz0SptWxlXeVi0CQglfl3FdRK3YpbGm1NfF1d.CFPm') ); // true