1. class
  2. SilverStripe
  3. \
  4. Security
  5. \
  6. PasswordEncryptor_LegacyPHPHash

PasswordEncryptor_LegacyPHPHash

class PasswordEncryptor_LegacyPHPHash extends PasswordEncryptor_PHPHash

Legacy implementation for SilverStripe 2.1 - 2.3, which had a design flaw in password hashing that caused the hashes to differ between architectures due to floating point precision problems in base_convert().

See http://open.silverstripe.org/ticket/3004

Methods

static array
get_encryptors()

No description

from PasswordEncryptor
static PasswordEncryptor
create_for_algorithm(String $algorithm)

No description

from PasswordEncryptor
String
encrypt(String $password, String $salt = null, Member $member = null)

Return a string value stored in the {@link Member->Password} property.

string
salt(string $password, Member $member = null)

Return a string value stored in the {@link Member->Salt} property.

from PasswordEncryptor
bool
check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and {@link PasswordEncryptor_Blowfish}

__construct(string $algorithm)

No description

from PasswordEncryptor_PHPHash
string
getAlgorithm()

No description

from PasswordEncryptor_PHPHash

Details

in PasswordEncryptor at line 29
static array get_encryptors()

Return Value

array Map of encryptor code to the used class.

in PasswordEncryptor at line 39
static PasswordEncryptor create_for_algorithm(String $algorithm)

Parameters

String $algorithm

Return Value

PasswordEncryptor

Exceptions

PasswordEncryptor_NotFoundException

at line 14
String encrypt(String $password, String $salt = null, Member $member = null)

Return a string value stored in the {@link Member->Password} property.

The password should be hashed with {@link salt()} if applicable.

Parameters

String $password Cleartext password to be hashed
String $salt (Optional)
Member $member (Optional)

Return Value

String Maximum of 512 characters.

in PasswordEncryptor at line 83
string salt(string $password, Member $member = null)

Return a string value stored in the {@link Member->Salt} property.

Parameters

string $password Cleartext password
Member $member (Optional)

Return Value

string Maximum of 50 characters

at line 26
bool check(string $hash, string $password, string $salt = null, Member $member = null)

This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and {@link PasswordEncryptor_Blowfish}

Parameters

string $hash
string $password
string $salt
Member $member

Return Value

bool

in PasswordEncryptor_PHPHash at line 21
__construct(string $algorithm)

Parameters

string $algorithm A PHP built-in hashing algorithm as defined by hash_algos()

Exceptions

Exception

in PasswordEncryptor_PHPHash at line 35
string getAlgorithm()

Return Value

string