Qual è il modo migliore per accedere alle password hash in PHP 5.3.5? Poiché in questa versione non ha password_hash()
.
Qual è il modo migliore per accedere alle password hash in PHP 5.3.5? Poiché in questa versione non ha password_hash()
.
Se puoi aggiornare la versione di PHP è meglio farlo, ma a volte gli hosting condivisi hanno versioni precedenti di PHP come la tua che non supportano password_hash()
.
Phpass sembra adattarsi bene in questo caso.
phpass (pronounced "pH pass") is a portable public domain password hashing framework for use in PHP applications. It is meant to work with PHP 3 and above, and it has actually been tested with at least PHP 3.0.18 through 5.4.x so far. (PHP 3 support is likely to be dropped in next revision.)
The preferred (most secure) hashing method supported by phpass is the OpenBSD-style Blowfish-based bcrypt, also supported with our public domain crypt_blowfish package (for C applications), and known in PHP as CRYPT_BLOWFISH, with a fallback to BSDI-style extended DES-based hashes, known in PHP as CRYPT_EXT_DES, and a last resort fallback to MD5-based salted and variable iteration count password hashes implemented in phpass itself (also referred to as portable hashes).
Nota: se hai la versione PHP di > = 5.3.7 puoi anche utilizzare password_compat