Yii Framework Wiki
Difference between
#14 and
#15 of
Use crypt() for password storage
Revision #15 has been created by fsb on Nov 15, 2014, 6:00:22 PM with the memo:
missing base64_encode()
« previous (#14)
Changes
Title unchanged
Use crypt() for password storage
Category unchanged
Tutorials
Yii version unchanged
Tags unchanged
Authentication, security, password, hash, hashing
Content changed
[...]
From a user account generation form, assume that we have (already sanitized) user input in`$form->email` and `$form->password`. We generate the hash:
$salt = openssl_random_pseudo_bytes(22);
$salt = '$2a$%13$' . strtr(base64_encode($salt), array('_' => '.', '~' => '/'));
$password_hash = crypt($form->password, $salt);
And insert a row into `user` containing `$form->email` and `$password_hash`.
At user logon assume we again have sanitized user input in `$form->email` and `$form->password`.
[...]
20 followers
Viewed: 177 057 times
Version: 1.1
Category: Tutorials
Written by: fsb
Last updated by: fsb
Created on: Nov 27, 2012
Last updated: 9 years ago
Revisions
View all history-
9 years ago by
fsb missing base64_encode()
-
10 years ago by
fsb Rewritten to accomodate 1.1.14
-
11 years ago by
samdark another try
-
11 years ago by
samdark trying to fix github link
-
11 years ago by
Ivo Renkema fixed a minor typo