selfsimilar/drupal7_password_hasher

Drupal 7 password hasher wrapped in a properly namespaced class wrapper.

Maintainers

Details

github.com/selfsimilar/drupal7_password_hasher

Homepage

Source

Issues

Installs: 7 215

Dependents: 1

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v1.0.0 2020-11-03 00:00 UTC

Requires

  • php: >=7.0.0

Requires (Dev)

GPL-3.0-or-later 3247adc17e793aa89f1ed62953a6eb252633746b

securitypasswordcryptdrupalhasher

This package is auto-updated.

Last update: 2025-06-16 23:01:35 UTC

README

Build Status

This is the Drupal 7 password hasher code, reformatted in to a PSR-4 compliant library class for use in PHP projects that need to import legacy Drupal 7 user accounts. Drupal 7 is licensed under the GPLv3, and as this borrows directly from that code, I have licensed this code similarly. Thanks to HauteLook for the Modernized Openwall Phpass package for inspiration.

Usage

<?php

namespace Your\Namespace;

use Selfsimilar\D7PasswordHasher\Hasher;

require_once(__DIR__ . "/vendor/autoload.php");

// Constructor take the iteration count for number of cycles to hash, but by
// default uses the Drupal 7 stock number. You may need to check your Drupal 7
// installation for the value of `password_count_log2` (e.g. `drush
// variable-get password_count_log2`). If it is set and different than 15,
// you will need to pass it to the Hasher() constructor.
$passwordHasher = new Hasher();

$password = $passwordHasher->HashPassword('secret');
var_dump($password);

$passwordMatch = $passwordHasher->CheckPassword('secret',
  "$2a$08$0RK6Yw6j9kSIXrrEOc3dwuDPQuT78HgR0S3/ghOFDEpOGpOkARoSu");
var_dump($passwordMatch);