Server IP : 66.29.132.122 / Your IP : 3.144.252.226 Web Server : LiteSpeed System : Linux business142.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64 User : admazpex ( 531) PHP Version : 7.2.34 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /proc/self/root/proc/self/root/proc/thread-self/root/proc/thread-self/root/proc/self/root/proc/thread-self/root/proc/self/root/proc/self/root/opt/alt/php55/usr/share/pear/Symfony/Component/Security/Core/Encoder/ |
Upload File : |
<?php /* * This file is part of the Symfony package. * * (c) Fabien Potencier <fabien@symfony.com> * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Security\Core\Encoder; use Symfony\Component\Security\Core\Exception\BadCredentialsException; /** * @author Elnur Abdurrakhimov <elnur@elnur.pro> * @author Terje BrĂ¥ten <terje@braten.be> */ class BCryptPasswordEncoder extends BasePasswordEncoder { /** * @var string */ private $cost; /** * Constructor. * * @param integer $cost The algorithmic cost that should be used * * @throws \RuntimeException When no BCrypt encoder is available * @throws \InvalidArgumentException if cost is out of range */ public function __construct($cost) { if (!function_exists('password_hash')) { throw new \RuntimeException('To use the BCrypt encoder, you need to upgrade to PHP 5.5 or install the "ircmaxell/password-compat" via Composer.'); } $cost = (int) $cost; if ($cost < 4 || $cost > 31) { throw new \InvalidArgumentException('Cost must be in the range of 4-31.'); } $this->cost = $cost; } /** * Encodes the raw password. * * It doesn't work with PHP versions lower than 5.3.7, since * the password compat library uses CRYPT_BLOWFISH hash type with * the "$2y$" salt prefix (which is not available in the early PHP versions). * @see https://github.com/ircmaxell/password_compat/issues/10#issuecomment-11203833 * * It is almost best to **not** pass a salt and let PHP generate one for you. * * @param string $raw The password to encode * @param string $salt The salt * * @return string The encoded password * * @link http://lxr.php.net/xref/PHP_5_5/ext/standard/password.c#111 */ public function encodePassword($raw, $salt) { if ($this->isPasswordTooLong($raw)) { throw new BadCredentialsException('Invalid password.'); } $options = array('cost' => $this->cost); if ($salt) { $options['salt'] = $salt; } return password_hash($raw, PASSWORD_BCRYPT, $options); } /** * {@inheritdoc} */ public function isPasswordValid($encoded, $raw, $salt) { return !$this->isPasswordTooLong($raw) && password_verify($raw, $encoded); } }