'[DOC-CVS] [doc-en] master: password_needs_rehash: Fix example (#2786)'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       php-doc-cvs
Subject:    [DOC-CVS] [doc-en] master: password_needs_rehash: Fix example (#2786)
From:       Tim_Düsterhus_via_GitHub <noreply () php ! net>
Date:       2023-09-22 15:50:34
Message-ID: yE1N39xFRTN5ii7tjQsX4ovOvSYY0CzU2c0WEQrrRUk () main ! php ! net
[Download RAW message or body]

Author: Tim Düsterhus (TimWolla)
Committer: GitHub (web-flow)
Pusher: Girgias
Date: 2023-09-22T16:37:04+01:00

Commit: https://github.com/php/doc-en/commit/c3dce34e6fb834f9c1e08ecd50fe274177fe4e29
Raw diff: https://github.com/php/doc-en/commit/c3dce34e6fb834f9c1e08ecd50fe274177fe4e29.diff


password_needs_rehash: Fix example (#2786)

The old example was broken, because the `cost` option is only valid for bcrypt,
but not for argon2. Thus in case the default algorithm actually changes, the
example would be broken.

Also update the example costs with 12 as per #2784.

Changed paths:
  M  reference/password/functions/password-needs-rehash.xml


Diff:

diff --git a/reference/password/functions/password-needs-rehash.xml \
b/reference/password/functions/password-needs-rehash.xml index \
                528489550f1..2ca99c3dd3d 100644
--- a/reference/password/functions/password-needs-rehash.xml
+++ b/reference/password/functions/password-needs-rehash.xml
@@ -98,19 +98,21 @@
 $password = 'rasmuslerdorf';
 $hash = '$2y$10$YCFsG6elYca568hBi2pZ0.3LDL5wjgxct1N8w/oLR/jfHsiQwCqTS';
 
-// The cost parameter can change over time as hardware improves
-$options = array('cost' => 11);
+$algorithm = PASSWORD_BCRYPT;
+// bcrypt's cost parameter can change over time as hardware improves
+$options = ['cost' => 12];
 
 // Verify stored hash against plain-text password
 if (password_verify($password, $hash)) {
-    // Check if a newer hashing algorithm is available
-    // or the cost has changed
-    if (password_needs_rehash($hash, PASSWORD_DEFAULT, $options)) {
+    // Check if either the algorithm or the options have changed
+    if (password_needs_rehash($hash, $algorithm, $options)) {
         // If so, create a new hash, and replace the old one
-        $newHash = password_hash($password, PASSWORD_DEFAULT, $options);
+        $newHash = password_hash($password, algorithm, $options);
+
+        // Update the user record with the $newHash
     }
 
-    // Log user in
+    // Perform the login.
 }
 ?>
 ]]>

-- 
PHP Documentation Commits Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic