PHP Salt::getHash Examples

Programming Language: PHP

Class/Type: Salt

Method/Function: getHash

Examples at hotexamples.com: 1

PHP Salt::getHash - 1 examples found. These are the top rated real world PHP examples of Salt::getHash extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

equal(6)

instance(2)

randombytes(2)

box(1)

box_keypair(1)

box_open(1)

decodeInput(1)

decrypt(1)

encrypt(1)

getHash(1)

onetimeauth(1)

onetimeauth_verify(1)

save(1)

scalarmult(1)

secretbox(1)

secretbox_open(1)

Example #1

Show file

File: Account.php Project: newmight2015/bow

 public static function create($username, $password, $repeat, $email)
 {
     /* We load the $dbConn variable as global to use it inside the function. */
     global $dbConn;
     /* 
      * We first need to sanitize the variables we got in order to avoid
      * SQL injection attacks from malicious users.
      */
     $username = $dbConn->real_escape_string($username);
     $password = $dbConn->real_escape_string($password);
     $repeat = $dbConn->real_escape_string($repeat);
     $email = $dbConn->real_escape_string($email);
     /* We check if the two passwords match each other. */
     if ($password == $repeat) {
         /* Check if username is empty. */
         if (Validator::isEmpty($username)) {
             new Message(3);
             return;
         }
         /* We check if the user has supplied a valid email address. */
         if (Validator::validateEmail($email) == false) {
             new Message(6);
             return;
         }
         /* We check for duplicate usernames. */
         if (Validator::userExists($username)) {
             new Message(8);
             return;
         }
         /* We check for duplicate email address. */
         if (Validator::emailExists($email)) {
             new Message(9);
             return;
         }
         /* 
          * Check password for security. 
          * Password security policy rules:
          * ---------------------------------
          * 1. It must contain both numbers/letters.
          * 2. It must be longer than 8 characters.
          */
         if (Validator::isValidPassword($password) == false) {
             new Message(10);
             return;
         }
         /* We generate a new unique salt for the user. */
         $salt = Salt::getHash();
         /* 
          * We now need to store the password as a hash and for that reason
          * we will use the hash function sha-256 which generates a 64 character
          * hash (256 bits long and uses 4 bits per character = 64 characters).
          * We also mix the salt with the hash so that it is harder for an
          * attacker to bruteforce the hash and find the correct password.
          */
         $hashedPassword = hash("sha256", $salt . $password . $salt);
         /* We build our query and execute it. */
         $result = $dbConn->query("INSERT INTO `accounts` VALUES ('', '{$username}', '{$hashedPassword}', '{$email}', '{$salt}', NULL, NULL);");
         /* Supposing the query ran then */
         if ($result) {
             //The account was created successfully.
             new Message(7, "success");
         }
     } else {
         /* The two passwords don't match each other. */
         new Message(5);
     }
 }