class PasswordEncryptor_LegacyPHPHash extends PasswordEncryptor_PHPHash (View source)

deprecated 5.2.0 Use SilverStripe\Security\PasswordEncryptor_PHPHash instead.

Legacy implementation for SilverStripe 2.1 - 2.3, which had a design flaw in password hashing that caused the hashes to differ between architectures due to floating point precision problems in base_convert().

See http://open.silverstripe.org/ticket/3004

Properties

protected $algorithm from  PasswordEncryptor_PHPHash

Methods

public static 
array
get_encryptors()

No description

public static 
create_for_algorithm(string $algorithm)

No description

public
string
encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

public
string
salt(string $password, Member $member = null)

Return a string value stored in the Member->Salt property.

public
bool
check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish

public
__construct()

No description

public
string
getAlgorithm()

No description

Details

static array get_encryptors()

No description

Return Value

array

Map of encryptor code to the used class.

static PasswordEncryptor create_for_algorithm(string $algorithm)

No description

Parameters

string $algorithm

Return Value

PasswordEncryptor

Exceptions

PasswordEncryptor_NotFoundException

string encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

The password should be hashed with salt() if applicable.

Parameters

string $password

Cleartext password to be hashed

string $salt (Optional)
Member $member (Optional)

Return Value

string

Maximum of 512 characters.

string salt(string $password, Member $member = null)

Return a string value stored in the Member->Salt property.

Parameters

string $password

Cleartext password

Member $member (Optional)

Return Value

string

Maximum of 50 characters

bool check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish

Parameters

string $hash
string $password
string $salt
Member $member

Return Value

bool

__construct()

No description

Exceptions

Exception

string getAlgorithm()

No description

Return Value

string