public static function VerifyPasswordInfo($data, $hash, $numrounds) { global $sso_settings; if ($sso_settings["sso_login"]["password_mode"] == "password_hash_bcrypt" && function_exists("password_verify")) { $result = @password_verify($data, pack("H*", $hash)); if ($result === false) { return false; } } else { $result = Blowfish::Hash($data, $numrounds, 0); if (!$result["success"] || $hash !== bin2hex($result["hash"])) { return false; } } return true; }