Skip to content
Create a gist now

Instantly share code, notes, and snippets.

Django's password hashing ported to PHP
private function set_password($raw_password) {
Sets the password to a string of random sha1 salt
and encrypted password.
Separated by '$'
$salt = substr(sha1(genRandomString().genRandomString()), 0, 5);
$hash = sha1($salt.$raw_password);
$enc_password = $salt.'$'.$hash;
$this->password = $enc_password;
public function check_password($raw_password, $enc_password) {
Returns a boolean of whether the raw_password was correct.
$pieces = explode('$', $enc_password);
$salt = $pieces[0];
$hash = $pieces[1];
if ($hash == sha1($salt.$raw_password))
return true;
return false;
function genRandomString($length = 5) {
$retval = "";
for ($i=0; $i < $length; $i++) {
$retval .= chr(rand(97,122));
return $retval;
hxgf commented Mar 24, 2013

this just saved me a ton of time. THANK YOU so much!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.