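<?php
// Example: hashing a password with bcrypt at registration time and verifying
// it at login.
//
// Sample credentials only. In a real application these come from the
// registration/login request and are never hard-coded in source.
$username = 'Admin';
$password = 'gf45_gdf#4hg';

// A higher "cost" is more secure but consumes more processing power
$cost = 10;

// Hash the password. password_hash() (PHP >= 5.5) draws a random salt from the
// system CSPRNG itself, so no salt is built by hand. It replaces the previous
// mcrypt_create_iv() + crypt() construction: ext/mcrypt was removed in PHP 7.2,
// and a hand-assembled salt string is easy to get subtly wrong.
$hash = password_hash($password, PASSWORD_BCRYPT, ['cost' => $cost]);
if (!is_string($hash)) {
    // Older PHP versions report failure through the return value.
    throw new RuntimeException('Password hashing failed');
}
// The result is self-describing so PHP knows how to verify it later:
//   "$2y$" selects bcrypt, the next two digits are the cost, then come the
//   22-character salt and the 31-character hash (60 characters in total).
// Store the whole string in users.hash.

// Verify
$username = 'Admin';
$password = 'gf45_gdf#4hg';

// $dbh is expected to be a PDO connection set up elsewhere (not shown here).
// The username is bound as a parameter, never concatenated into the SQL.
$sth = $dbh->prepare('
    SELECT
        hash
    FROM users
    WHERE
        username = :username
    LIMIT 1
');
$sth->bindParam(':username', $username);
$sth->execute();
$user = $sth->fetch(PDO::FETCH_OBJ);

// fetch() returns false when no row matches, so test that before reading
// ->hash. password_verify() re-hashes the candidate with the salt and cost
// embedded in the stored hash and compares the result in constant time; a
// plain == comparison can leak timing information and is subject to PHP's
// loose type juggling. Hashes with the older "$2a$" prefix written by crypt()
// are still accepted.
if ($user !== false && password_verify($password, $user->hash)) {
    // Ok!
    // password_needs_rehash($user->hash, PASSWORD_BCRYPT, ['cost' => $cost])
    // tells you here whether the stored hash should be regenerated at the
    // current cost and saved back.
}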