Last active
January 3, 2016 00:49
-
-
Save tvdsluijs/8385168 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
public function verifyPassword($passwd){ | |
if(substr($this->password, 0, 1) == '#'){ | |
$saved_pw = explode(':', substr($this->password, 1) ); | |
$salt = $saved_pw[1]; | |
$data = $salt.md5($passwd); | |
$givenPasswd = hash('sha512', $data); //oude manier controle! | |
if($givenPasswd === $saved_pw[0]){ | |
//okay, sla ww op als sha512 ! | |
$salt = generateSalt(); | |
$this->password = getHashedPWWithSalt($passwd,$salt); | |
$this->save(); | |
}else{ | |
return false; | |
} | |
}else{ //blijkbaar is het al sha512 correct | |
$saved_pw = explode(':', $this->password); | |
$salt = $saved_pw[1]; | |
$givenPasswd = hash($passwd,$salt); | |
if($givenPasswd !== $saved_pw[0]){ | |
return false; | |
} | |
} | |
return true; | |
} | |
/** | |
* returns hashed salted password | |
* @param $password | |
* @param $salt | |
* | |
* @return string | |
*/ | |
public static function hash($password, $salt) | |
{ | |
//sha_512 | |
$stretch = 10; | |
$data = $salt . $password; | |
for ($i = 0; $i < $stretch; $i++) | |
{ | |
$data = hash('sha512', $data); | |
} | |
return $data; | |
} | |
/** | |
* returns hased salted password with : salt added to it | |
* @param $password | |
* @param $salt | |
* | |
* @return string | |
*/ | |
public static function getHashedPWWithSalt($password, $salt){ | |
$saltedPassword = self::hash($password, $salt); | |
return $saltedPassword . ":" . $salt; | |
} | |
public static function generateSalt() | |
{ | |
return md5(microtime()); | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment