1. class
  2. SilverStripe
  3. \
  4. Security
  5. \
  6. PasswordEncryptor_LegacyPHPHash

PasswordEncryptor_LegacyPHPHash

class PasswordEncryptor_LegacyPHPHash extends PasswordEncryptor_PHPHash (View source)

Legacy implementation for SilverStripe 2.1 - 2.3, which had a design flaw in password hashing that caused the hashes to differ between architectures due to floating point precision problems in base_convert().

See http://open.silverstripe.org/ticket/3004

Properties

static private array $encryptors from  PasswordEncryptor

Methods

static array
get_encryptors()

No description

from  PasswordEncryptor
static PasswordEncryptor
create_for_algorithm(string $algorithm)

No description

from  PasswordEncryptor
string
encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the {@link Member->Password} property.

string
salt(string $password, Member $member = null)

Return a string value stored in the {@link Member->Salt} property.

from  PasswordEncryptor
bool
check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and {@link PasswordEncryptor_Blowfish}

__construct(string $algorithm)

No description

from  PasswordEncryptor_PHPHash
string
getAlgorithm()

No description

from  PasswordEncryptor_PHPHash

Details

in PasswordEncryptor at line 29
static array get_encryptors()

Return Value

array

Map of encryptor code to the used class.

in PasswordEncryptor at line 39
static PasswordEncryptor create_for_algorithm(string $algorithm)

Parameters

string $algorithm

Return Value

PasswordEncryptor

Exceptions

PasswordEncryptor_NotFoundException

at line 14
string encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the {@link Member->Password} property.

The password should be hashed with {@link salt()} if applicable.

Parameters

string $password

Cleartext password to be hashed
string $salt

(Optional)
Member $member

(Optional)

Return Value

string

Maximum of 512 characters.

in PasswordEncryptor at line 83
string salt(string $password, Member $member = null)

Return a string value stored in the {@link Member->Salt} property.

Parameters

string $password

Cleartext password
Member $member

(Optional)

Return Value

string

Maximum of 50 characters

at line 26
bool check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and {@link PasswordEncryptor_Blowfish}

Parameters

string $hash
string $password
string $salt
Member $member

Return Value

bool

in PasswordEncryptor_PHPHash at line 21
__construct(string $algorithm)

Parameters

string $algorithm

A PHP built-in hashing algorithm as defined by hash_algos()

Exceptions

Exception

in PasswordEncryptor_PHPHash at line 35
string getAlgorithm()

Return Value

string