sigmasternchen/php-doc-en
1
0
Fork 0
mirror of https://github.com/sigmasternchen/php-doc-en synced 2025-03-15 16:38:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
php-doc-en/reference/password/functions/password-verify.xml
Steve Thomas f93ab9943c
password_verify is capable of verifying crypt hashes 
Closes GH-1424.
2022-02-22 17:15:50 +01:00

124 lines
3.3 KiB
XML
Raw Permalink Blame History

<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<refentry xml:id="function.password-verify" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
<refnamediv>
<refname>password_verify</refname>
<refpurpose>Verifies that a password matches a hash</refpurpose>
</refnamediv>
<refsect1 role="description">
&reftitle.description;
<methodsynopsis>
<type>bool</type><methodname>password_verify</methodname>
<methodparam><type>string</type><parameter>password</parameter></methodparam>
<methodparam><type>string</type><parameter>hash</parameter></methodparam>
</methodsynopsis>
<para>
Verifies that the given hash matches the given password.
<function>password_verify</function> is compatible with <function>crypt</function>.
Therefore, password hashes created by <function>crypt</function> can be used with
<function>password_verify</function>.
</para>
<para>
Note that <function>password_hash</function> returns the algorithm, cost and salt
as part of the returned hash. Therefore, all information that's needed to verify
the hash is included in it. This allows the verify function to verify the hash
without needing separate storage for the salt or algorithm information.
</para>
<para>
This function is safe against timing attacks.
</para>
</refsect1>
<refsect1 role="parameters">
&reftitle.parameters;
<variablelist>
<varlistentry>
<term><parameter>password</parameter></term>
<listitem>
<para>
&password.parameter.password;
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><parameter>hash</parameter></term>
<listitem>
<para>
&password.parameter.hash;
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 role="returnvalues">
&reftitle.returnvalues;
<para>
Returns &true; if the password and hash match, or &false; otherwise.
</para>
</refsect1>
<refsect1 role="examples">
&reftitle.examples;
<para>
<example>
<title><function>password_verify</function> example</title>
<programlisting role="php">
<![CDATA[
<?php
// See the password_hash() example to see where this came from.
$hash = '$2y$07$BCryptRequires22Chrcte/VlQH0piJtjXl.0t1XkA8pw9dMXTpOq';
if (password_verify('rasmuslerdorf', $hash)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
?>
]]>
</programlisting>
&example.outputs;
<screen>
<![CDATA[
Password is valid!
]]>
</screen>
</example>
</para>
</refsect1>
<refsect1 role="seealso">
&reftitle.seealso;
<para>
<simplelist>
<member><function>password_hash</function></member>
<member><link xmlns:xlink="http://www.w3.org/1999/xlink" xlink:href="&url.password.compat;">userland implementation</link></member>
<member><function>sodium_crypto_pwhash_str_verify</function></member>
</simplelist>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->
Reference in a new issue View git blame Copy permalink