gistfile1.php

public function verifyPassword($passwd){
        if(substr($this->password, 0, 1) == '#'){
            $saved_pw = explode(':', substr($this->password, 1) );
            $salt = $saved_pw[1];
            $data = $salt.md5($passwd);
            $givenPasswd = hash('sha512', $data); //oude manier controle!

            if($givenPasswd === $saved_pw[0]){
                //okay, sla ww op als sha512 !
                $salt = generateSalt();
                $this->password = getHashedPWWithSalt($passwd,$salt);

                $this->save();
            }else{
                return false;
            }
        }else{ //blijkbaar is het al sha512 correct
            $saved_pw = explode(':', $this->password);
            $salt = $saved_pw[1];
            $givenPasswd = hash($passwd,$salt);
            if($givenPasswd !== $saved_pw[0]){
                return false;
            }
        }
        return true;
    }
    
    
    /**
     * returns hashed salted password
     * @param $password
     * @param $salt
     *
     * @return string
     */
    public static function hash($password, $salt)
    {
        //sha_512
        $stretch = 10;
        $data = $salt . $password;
        for ($i = 0; $i < $stretch; $i++)
        {
            $data = hash('sha512', $data);
        }
        return $data;
    }

    /**
     * returns hased salted password with : salt added to it
     * @param $password
     * @param $salt
     *
     * @return string
     */
    public static function getHashedPWWithSalt($password, $salt){

        $saltedPassword = self::hash($password, $salt);

        return $saltedPassword . ":" . $salt;
    }
    
    public static function generateSalt()
    {
        return md5(microtime());
    }