加鹽哈希函數
function bcryptHash($rawPassword, $round = 8)
{if($round < 4 || $round > 32) $round = 8;
$salt = '$2a$' . str_pad($round, 2, '0', STR_PAD_LEFT) . '$';
$randomValue = openssl_random_pseudo_bytes(16);
//echo base64_encode($randomValue);
$salt .= substr(strtr(base64_encode($randomValue), '+', '.'), 0, 22);
//echo $salt;
return crypt($rawPassword, $salt);
}
//用戶輸入輸入放入密碼$password
$password = 'zhanghongmin';
$hashedPassword = bcryptHash($password);
//將哈希過後的密碼存入數據庫中
下面的是驗證函數
function bcryptVerify($rawPassword, $storedHash){
return crypt($rawPassword, $storedHash) == $storedHash;
}
//根據ID獲取用戶的$hashedPassword,然後將兩個密碼代入驗證函數進行驗證
if(bcryptVerify($password, $hashedPassword)){
echo 'ok';
};