clemherreman · November 5, 2012 10:06
diff --git a/phpbb_hash.php b/phpbb_hash.php
 <?php
 /**
 *
 * @version Version 0.1 / slightly modified for phpBB 3.0.x (using $H$ as hash type identifier)
 *
 * Portable PHP password hashing framework.
 *
 * Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
 * the public domain.
 *
 * There's absolutely no warranty.
 *
 * The homepage URL for this framework is:
 *
 *	http://www.openwall.com/phpass/
 *
 * Please be sure to update the Version line if you edit this file in any way.
 * It is suggested that you leave the main version number intact, but indicate
 * your project name (after the slash) and add your own revision information.
 *
 * Please do not change the "private" password hashing method implemented in
 * here, thereby making your hashes incompatible.  However, if you must, please
 * change the hash type identifier (the "$P$") to something different.
 *
 * Obviously, since this code is in the public domain, the above are not
 * requirements (there can be none), but merely suggestions.
 *
 *
 * Hash the password
 */
 function phpbb_hash($password)
 {
 	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';

 	$random_state = unique_id();
 	$random = '';
 	$count = 6;

 	if (($fh = @fopen('/dev/urandom', 'rb')))
 	{
 		$random = fread($fh, $count);
 		fclose($fh);
 	}

 	if (strlen($random) < $count)
 	{
 		$random = '';

 		for ($i = 0; $i < $count; $i += 16)
 		{
 			$random_state = md5(unique_id() . $random_state);
 			$random .= pack('H*', md5($random_state));
 		}
 		$random = substr($random, 0, $count);
 	}

 	$hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);

 	if (strlen($hash) == 34)
 	{
 		return $hash;
 	}

 	return md5($password);
 }
	<?php
	/**
	*
	* @version Version 0.1 / slightly modified for phpBB 3.0.x (using $H$ as hash type identifier)
	*
	* Portable PHP password hashing framework.
	*
	* Written by Solar Designer <solar at openwall.com> in 2004-2006 and placed in
	* the public domain.
	*
	* There's absolutely no warranty.
	*
	* The homepage URL for this framework is:
	*
	* http://www.openwall.com/phpass/
	*
	* Please be sure to update the Version line if you edit this file in any way.
	* It is suggested that you leave the main version number intact, but indicate
	* your project name (after the slash) and add your own revision information.
	*
	* Please do not change the "private" password hashing method implemented in
	* here, thereby making your hashes incompatible. However, if you must, please
	* change the hash type identifier (the "$P$") to something different.
	*
	* Obviously, since this code is in the public domain, the above are not
	* requirements (there can be none), but merely suggestions.
	*
	*
	* Hash the password
	*/
	function phpbb_hash($password)
	{
	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';

	$random_state = unique_id();
	$random = '';
	$count = 6;

	if (($fh = @fopen('/dev/urandom', 'rb')))
	{
	$random = fread($fh, $count);
	fclose($fh);
	}

	if (strlen($random) < $count)
	{
	$random = '';

	for ($i = 0; $i < $count; $i += 16)
	{
	$random_state = md5(unique_id() . $random_state);
	$random .= pack('H*', md5($random_state));
	}
	$random = substr($random, 0, $count);
	}

	$hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64);

	if (strlen($hash) == 34)
	{
	return $hash;
	}

	return md5($password);
	}