1. class
  2. SilverStripe
  3. \
  4. Security
  5. \
  6. PasswordEncryptor_LegacyPHPHash

PasswordEncryptor_LegacyPHPHash deprecated

class PasswordEncryptor_LegacyPHPHash extends PasswordEncryptor_PHPHash (View source)

deprecated 5.2.0 Use SilverStripe\Security\PasswordEncryptor_PHPHash instead.

Legacy implementation for SilverStripe 2.1 - 2.3, which had a design flaw in password hashing that caused the hashes to differ between architectures due to floating point precision problems in base_convert().

See http://open.silverstripe.org/ticket/3004

Properties

protected $algorithm from  PasswordEncryptor_PHPHash

Methods

public static 
array
get_encryptors()

No description

from  PasswordEncryptor
public static 
PasswordEncryptor
create_for_algorithm(string $algorithm)

No description

from  PasswordEncryptor
public
string
encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

public
string
salt(string $password, Member $member = null)

Return a string value stored in the Member->Salt property.

from  PasswordEncryptor
public
bool
check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish

public
__construct()

No description

public
string
getAlgorithm()

No description

from  PasswordEncryptor_PHPHash

Details

in PasswordEncryptor at line 29
static array get_encryptors()

No description

Return Value

array

Map of encryptor code to the used class.

in PasswordEncryptor at line 39
static PasswordEncryptor create_for_algorithm(string $algorithm)

No description

Parameters

string $algorithm

Return Value

PasswordEncryptor

Exceptions

PasswordEncryptor_NotFoundException

at line 27
string encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

The password should be hashed with salt() if applicable.

Parameters

string $password

Cleartext password to be hashed
string $salt (Optional)
Member $member (Optional)

Return Value

string

Maximum of 512 characters.

in PasswordEncryptor at line 84
string salt(string $password, Member $member = null)

Return a string value stored in the Member->Salt property.

Parameters

string $password

Cleartext password
Member $member (Optional)

Return Value

string

Maximum of 50 characters

at line 39
bool check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish

Parameters

string $hash
string $password
string $salt
Member $member

Return Value

bool

at line 18
__construct()

No description

Exceptions

Exception

in PasswordEncryptor_PHPHash at line 35
string getAlgorithm()

No description

Return Value

string