  1. <?php
  2.  
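  /**
   * Salted password hashing and verification for the `credentials` table.
   *
   * Stored format (48 hex characters):
   *   - characters 0-23:  per-password salt
   *   - characters 24-47: first 24 characters of hash(algorithm, salt . password)
   *
   * NOTE(security): this is one round of a fast general-purpose hash truncated
   * to 96 bits, which is cheap to brute-force offline if the credentials table
   * leaks. The scheme is kept here so existing stored values still verify;
   * moving to password_hash()/password_verify() needs a different stored
   * format and therefore a data migration, which cannot be done inside this class alone.
   */
  class Classes_Password
  {
      /**
       * Length, in hex characters, of both the salt part and the hash part
       */
      const PART_LENGTH = 24;

      /**
       * Reference to database connection
       *
       * @var object Zend_DB
       */
      protected $_db = null;

      /**
       * Hashing algorithm to use
       *
       * @var string
       */
      protected $_hashAlgorithm = 'tiger192,4';

      /**
       * Salts already looked up during this request, keyed by username
       *
       * Keyed per user so a second lookup for a different username never
       * returns the salt cached for the first one.
       *
       * @var array
       */
      private $_passwordHash = array();

      public function __construct()
      {
          // Assign reference to database connection
          $this->_db = Zend_Registry::get('db');
      }

      /**
       * Create password hash
       *
       * - Draw a 24-character hex salt from a cryptographically secure random source
       * - Hash the concatenation of the salt and the password
       * - Keep the first 24 characters of that hash
       * - Value to store in the database is the salt followed by those 24 characters
       *
       * @param string Password
       * @return string Encryption string (48 hex characters)
       * @throws RuntimeException When no secure random source is available
       */
      public function encrypt( $password )
      {
          $halfSalt = $this->_generateSalt();

          return $halfSalt . $this->_hashWithSalt( $halfSalt, $password );
      }

      /**
       * Determine whether provided password is valid or not
       *
       * @param string Stored encryption string (salt followed by truncated hash)
       * @param string Password
       * @return boolean true|false
       */
      public function isValid( $encryptionString, $password )
      {
          $encryptionString = (string) $encryptionString;

          $halfSalt = (string) substr( $encryptionString, 0, self::PART_LENGTH );
          $halfEncryption = (string) substr( $encryptionString, self::PART_LENGTH );

          // Strict, constant-time comparison: a loose == treats hex strings of the
          // form "0e<digits>" as numbers, so two different hashes could compare equal.
          return $this->_constantTimeEquals( $halfEncryption, $this->_hashWithSalt( $halfSalt, $password ) );
      }

      /**
       * Return the salt part of the stored hash for a user
       *
       * @param string Username
       * @return string First 24 characters of the stored value, '' when no row exists
       */
      public function getEncryptionSalt( $username )
      {
          $cacheKey = (string) $username;

          if ( ! array_key_exists( $cacheKey, $this->_passwordHash ) )
          {
              $this->_passwordHash[$cacheKey] = (string) substr( (string) $this->_getPasswordHash( $username ), 0, self::PART_LENGTH );
          }

          return $this->_passwordHash[$cacheKey];
      }

      /**
       * Rebuild the encryption string for a password using the user's stored salt
       *
       * @param string Username
       * @param string Password
       * @return string Stored salt followed by the truncated hash of salt . password
       */
      public function getEncryptionString( $username, $password )
      {
          $halfSalt = $this->getEncryptionSalt( $username );

          return $halfSalt . $this->_hashWithSalt( $halfSalt, $password );
      }

      /**
       * Fetch the stored password value for a user
       *
       * The username is passed as a bound parameter, never concatenated into the
       * SQL text, so quotes in it cannot change the query.
       *
       * @param string Username
       * @return string|null Stored value, null when no matching row is returned
       */
      protected function _getPasswordHash( $username )
      {
          $result = $this->_db->fetchRow(
              'SELECT password FROM credentials WHERE username = ?',
              array( $username )
          );

          // Assumes the adapter's fetch mode yields objects, as the property access
          // below requires; anything else (e.g. false for "no row") means no hash.
          if ( ! is_object( $result ) )
          {
              return null;
          }

          return $result->password;
      }

      /**
       * Hash salt . password and keep the leading part that gets stored
       *
       * @param string Salt
       * @param string Password
       * @return string First 24 hex characters of the hash
       */
      private function _hashWithSalt( $halfSalt, $password )
      {
          return substr( hash( $this->_hashAlgorithm, $halfSalt . $password ), 0, self::PART_LENGTH );
      }

      /**
       * Generate a fresh 24-character hex salt
       *
       * time() is not used: it is predictable and gives every password created
       * within the same second the same salt.
       *
       * @return string
       * @throws RuntimeException When no secure random source is available
       */
      private function _generateSalt()
      {
          $byteCount = (int) ( self::PART_LENGTH / 2 );

          if ( function_exists( 'random_bytes' ) )
          {
              return bin2hex( random_bytes( $byteCount ) );
          }

          // Fallback for runtimes without random_bytes()
          if ( function_exists( 'openssl_random_pseudo_bytes' ) )
          {
              $strong = false;
              $bytes = openssl_random_pseudo_bytes( $byteCount, $strong );

              if ( $bytes !== false && $strong )
              {
                  return bin2hex( $bytes );
              }
          }

          throw new RuntimeException( 'No cryptographically secure random source available for salt generation' );
      }

      /**
       * Compare two strings without leaking where they first differ
       *
       * @param string Known (stored) value
       * @param string Value derived from user input
       * @return boolean true|false
       */
      private function _constantTimeEquals( $known, $candidate )
      {
          if ( function_exists( 'hash_equals' ) )
          {
              return hash_equals( $known, $candidate );
          }

          // Fallback for runtimes without hash_equals()
          if ( strlen( $known ) !== strlen( $candidate ) )
          {
              return false;
          }

          $difference = 0;

          for ( $i = 0, $length = strlen( $known ); $i < $length; $i++ )
          {
              $difference |= ord( $known[$i] ) ^ ord( $candidate[$i] );
          }

          return $difference === 0;
      }
  }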