concrete5 create password hash that is comparable to stored value


I'm building a front-end user profile section, where the user can change his login password.

To be on the safe side, I want the user to first enter his current password before he can enter a new one.

But I can't figure out how to encrypt the password the way it can be checked against the value in the database. With my approach I always get a different string generated with the same input value.

Do you have any idea?

Here is what I'm trying right now:

// Hash currently stored for the user
$oldPassword = $ui->getUserPassword();
echo "<pre>"; var_dump($oldPassword); echo "</pre>";

$pw = User::getUserPasswordHasher();
//echo "<pre>"; var_dump($pw); echo "</pre>";

// Hashing the same input again yields a different string on every call
$controlPassword = User::getUserPasswordHasher()->HashPassword('stern3');
echo "<pre>"; var_dump($controlPassword); echo "</pre>";

I'm using concrete5 Version 5.6.3.3.

1 answer

stepozer (best answer)

As I can see, concrete5 uses the external library Hautelook\Phpass\PasswordHash, and this class has a CheckPassword method:

https://github.com/hautelook/phpass/blob/f0217d804225822f9bdb0d392839029b0fcb0914/src/Hautelook/Phpass/PasswordHash.php#L305-L313

So you must get the user from the DB and run this method to compare password hashes.

I hope it will help.
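The behaviour discussed in this thread, as an added stand-alone illustration (not code from the question, the answer, concrete5 or phpass): a salted hasher returns a different string on every call, so verification has to re-hash the candidate against the stored value. `DemoHasher` and `currentPasswordMatches` are hypothetical names; only the method names `HashPassword` and `CheckPassword` come from the page, and the bcrypt-based bodies are an assumption standing in for the library.

```php
<?php
// Added illustration, not concrete5 or phpass source.
// DemoHasher is a hypothetical stand-in for the object returned by
// User::getUserPasswordHasher(); it only mirrors the two method names.
class DemoHasher
{
    public function HashPassword($password)
    {
        // A fresh random salt is generated on every call, so the
        // output differs each time even for identical input.
        return password_hash($password, PASSWORD_BCRYPT);
    }

    public function CheckPassword($password, $storedHash)
    {
        // Re-hash the candidate with the salt and cost embedded in the
        // stored hash, then compare the two strings in constant time.
        $candidate = crypt($password, $storedHash);
        return is_string($candidate) && hash_equals($storedHash, $candidate);
    }
}

// Gate for a "change password" form: true only if the entered current
// password verifies against the stored hash. Empty values never match.
function currentPasswordMatches($hasher, $entered, $storedHash)
{
    if (!is_string($entered) || $entered === ''
        || !is_string($storedHash) || $storedHash === '') {
        return false;
    }
    return $hasher->CheckPassword($entered, $storedHash);
}

$hasher = new DemoHasher();
// Constructed sample value; stands in for the hash read from the database.
$stored = $hasher->HashPassword('constructed-sample-pw');

// Approach from the question: hash again and compare strings.
// The salts differ, so the strings differ even for the right password.
var_dump($hasher->HashPassword('constructed-sample-pw') === $stored);

// Verification against the stored hash: right password, then wrong one.
var_dump(currentPasswordMatches($hasher, 'constructed-sample-pw', $stored));
var_dump(currentPasswordMatches($hasher, 'wrong-guess', $stored));
```

Inside concrete5, the stand-ins would be replaced by the objects already shown in the question: `User::getUserPasswordHasher()` as the hasher and `$ui->getUserPassword()` as the stored hash.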