(PHP 5 >= 5.5.0, PHP 7)
password_needs_rehash — Checks if the given hash matches the given options
$hash
, integer $algo
[, array $options
] )This function checks to see if the supplied hash implements the algorithm and options provided. If not, it is assumed that the hash needs to be rehashed.
hash一个由 password_hash() 创建的散列值。
algo一个用来在散列密码时指示算法的密码算法常量。
options一个包含有选项的关联数组。目前支持两个选项:salt,在散列密码时加的盐(干扰字符串),以及cost,用来指明算法递归的层数。这两个值的例子可在 crypt() 页面找到。
Example #1 Usage of password_needs_rehash()
<?php
$password = 'rasmuslerdorf';
$hash = '$2y$10$YCFsG6elYca568hBi2pZ0.3LDL5wjgxct1N8w/oLR/jfHsiQwCqTS';
// The cost parameter can change over time as hardware improves
$options = array('cost' => 11);
// Verify stored hash against plain-text password
if (password_verify($password, $hash)) {
// Check if a newer hashing algorithm is available
// or the cost has changed
if (password_needs_rehash($hash, PASSWORD_DEFAULT, $options)) {
// If so, create a new hash, and replace the old one
$newHash = password_hash($password, PASSWORD_DEFAULT, $options);
}
// Log user in
}
?>
Returns TRUE if the hash should be rehashed to match the given
algo and options, or FALSE
otherwise.