<?phpclass User extends ActiveRecord\Model { var $pass = FALSE; pu

1. <?php
2.  
3. class User extends ActiveRecord\Model {
4.    
5.     var $pass = FALSE;
6.    
7.     public function pre_save() {
8.         if($this->pass)
9.             $this->password($this->pass);
10.     }
11.    
12.     private function hash_password($pass) {
13.         $salt = bin2hex(mcrypt_create_iv(32,MCRYPT_DEV_URANDOM));
14.         $hash = hash('sha256',$salt.$pass);
15.         return $salt.$hash;
16.     }
17.    
18.     private function validate_password($password)
19.     {
20.         $salt = substr($this->password,1,64);
21.         $hash = substr($this->password,65,128);
22.        
23.         $password_hash = hash('sha256',$salt.$hash);
24.         return $hash == $password_hash;
25.     }
26.    
27.     public static function login($username, $password) {
28.         $user = User::find_by_username($username);
29.        
30.         if($user && $user->validate_password($password))
31.             return $user;
32.         else
33.             return FALSE;
34.     }
35. }
36.  
37. /*
38.  * end of file User.php
39.  * ./application/models/User.php
40.  */