PASSWORD_NEEDS_REHASH(3) 1 PASSWORD_NEEDS_REHASH(3)
password_needs_rehash - Checks if the given hash matches the given options
SYNOPSIS
boolean password_needs_rehash (string $hash, integer $algo, [array $options])
DESCRIPTION
This function checks to see if the supplied hash implements the algorithm and options provided. If not, it is assumed that the hash needs
to be rehashed.
PARAMETERS
o $hash
- A hash created by password_hash(3).
o $algo
- A password algorithm constant denoting the algorithm to use when hashing the password.
o $options
- An associative array containing options. See the password algorithm constants for documentation on the supported options for
each algorithm.
EXAMPLES
Example #1
Usage of password_needs_rehash(3)
<?php
$password = 'rasmuslerdorf';
$hash = '$2y$10$YCFsG6elYca568hBi2pZ0.3LDL5wjgxct1N8w/oLR/jfHsiQwCqTS';
// The cost parameter can change over time as hardware improves
$options = array('cost' => 11);
// Verify stored hash against plain-text password
if (password_verify($password, $hash)) {
// Check if a newer hashing algorithm is available
// or the cost has changed
if (password_needs_rehash($hash, PASSWORD_DEFAULT, $options)) {
// If so, create a new hash, and replace the old one
$newHash = password_hash($password, PASSWORD_DEFAULT, $options);
}
// Log user in
}
?>
RETURN VALUES
Returns TRUE if the hash should be rehashed to match the given $algo and $options, or FALSE otherwise.
PHP Documentation Group PASSWORD_NEEDS_REHASH(3)
