Password Hash and Validation - PHP Snipplr Social Repository

Revision: 54605

at January 4, 2012 06:18 by StevenW721

Initial Code

function generate_hash ($plain_text, $salt = null) {
	
	if ($salt === null) {
		$salt = substr(md5(uniqid(rand(), true)), 0, 12);
	} else {
		$salt = substr($salt, 0, 12);
	}

	return $salt . sha1($salt . $plain_text);
	
}

Initial URL

Initial Description

Calling generateHash() with a single argument (the plain text password) will cause a random string to be generated and used for the salt. The resulting string consists of the salt followed by the SHA-1 hash - this is to be stored away in your database. When you're checking a user's login, the situation is slightly different in that you already know the salt you'd like to use. The string stored in your database can be passed to generateHash() as the second argument when generating the hash of a user-supplied password for comparison.

Initial Title

Password Hash and Validation

Initial Tags

validation

Initial Language

PHP

Choose a language for easy browsing: