password_needs_rehash
password_needs_rehash
(PHP 5 >= 5.5.0, PHP 7)
password_needs_rehash — Checks if the given hash matches the given options
Description
boolean password_needs_rehash ( string $hash , integer $algo [, array $options ] )
This function checks to see if the supplied hash implements the algorithm and options provided. If not, it is assumed that the hash needs to be rehashed.
Parameters
-
hash
-
A hash created by password_hash().
-
algo
-
A password algorithm constant denoting the algorithm to use when hashing the password.
-
options
-
An associative array containing options. See the password algorithm constants for documentation on the supported options for each algorithm.
Examples
Example #1 Usage of password_needs_rehash()
<?php $password = 'rasmuslerdorf'; $hash = '$2y$10$YCFsG6elYca568hBi2pZ0.3LDL5wjgxct1N8w/oLR/jfHsiQwCqTS'; // The cost parameter can change over time as hardware improves $options = array('cost' => 11); // Verify stored hash against plain-text password if (password_verify($password, $hash)) { // Check if a newer hashing algorithm is available // or the cost has changed if (password_needs_rehash($hash, PASSWORD_DEFAULT, $options)) { // If so, create a new hash, and replace the old one $newHash = password_hash($password, PASSWORD_DEFAULT, $options); } // Log user in } ?>
Return Values
Returns TRUE
if the hash should be rehashed to match the given algo
and options
, or FALSE
otherwise.
© 1997–2017 The PHP Documentation Group
Licensed under the Creative Commons Attribution License v3.0 or later.
https://secure.php.net/manual/en/function.password-needs-rehash.php