Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Possible Duplicate:
How do you use bcrypt for hashing passwords in PHP?
I am developing an API using PHP. My previous version of the API which I want to migrate from was build using Rails 3.
I have only one problem. The stored passwords for the users was encrypted with the below technique.
BCrypt::Engine.hash_secret(password, user.password_salt);
How can I do the same in PHP (Codeigniter) so that the users can continue using their old passwords?
Thankful for all help!
I think you can use the crypt function with the blowfish algorithm: http://php.net/manual/en/function.crypt.php
Another option is to use mcrypt: http://www.php.net/manual/en/ref.mcrypt.php
Edit: example
Here’s what I would do:
Use crypt like this:
$hashedPassword should now contain the hash.
Basically in order to use the blow fish alogrithm, the salt needs to be in this format: $2a$[2 digit cost parameter]$[22 digit alphanumeric string]
To determine if you have blowfish on yours server: