Update password_verify() to include the reason it doesn't need the algorithm or salt.

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@330568 c90b9560-bf6c-de11-be94-00142212c4b1
2025-03-16 00:48:54 +00:00 · 2013-06-20 22:01:29 +00:00 · 2013-06-20 22:01:29 +00:00 · bc3ff3cf1b
commit bc3ff3cf1b
parent a2a1394d23
1 changed files with 6 additions and 0 deletions
--- a/reference/password/functions/password-verify.xml
+++ b/reference/password/functions/password-verify.xml
@ -17,6 +17,12 @@
  <para>
   Verifies that the given hash matches the given password.
  </para>
+  <para>
+   Note that <function>password_hash</function> returns the algorithm, cost and salt 
+   as part of the returned hash. Therefore, all information that's needed to verify
+   the hash is included in it. This allows the verify function to verify the hash
+   without needing separate storage for the salt or algorithm information.
+  </para>
 </refsect1>

 <refsect1 role="parameters">