Last active
June 14, 2016 07:27
-
-
Save fedorovanton/1fd6e727bccf164a5afd4b32aca0b714 to your computer and use it in GitHub Desktop.
Storing passwords
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| Use the built-in password hashing functions to hash and compare passwords. | |
| Hashing is the standard way of protecting a user's password before it's stored in a database. Many common hashing algorithms like md5 and even sha1 are unsafe for storing passwords, because hackers can easily crack passwords hashed using those algorithms. | |
| PHP provides a built-in password hashing library that uses the bcrypt algorithm, currently considered the best algorithm for password hashing. | |
| Хеширование пароля и проверка хеша | |
| */ | |
| // Hash the password. $hashedPassword will be a 60-character string. | |
| $hashedPassword = password_hash('my super cool password', PASSWORD_DEFAULT); | |
| // You can now safely store the contents of $hashedPassword in your database! | |
| // Check if a user has provided the correct password by comparing what they typed with our hash | |
| password_verify('the wrong password', $hashedPassword); // false | |
| password_verify('my super cool password', $hashedPassword); // true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment