Switched to password_hash

For announcing, describing and discussing code changes to BNT.

Post Reply
thekabal
Posts: 100
Joined: Sat Apr 19, 2014 22:32 UTC

Switched to password_hash

Post by thekabal » Sun May 04, 2014 03:15 UTC

I've committed the changes to switch the underlying password hashing process from phppass to the native php function password_hash, on PHP 5.5+.

On versions below 5.5, but above or equal to 5.3.7, it will use the vendor/ircmaxell/password-compat library, which is the userspace equivalent of the same process as password_hash.

It automatically detects the lack of the function, and switches to the vendor library.

This also removes our use of adodb's sessions, another step towards our switch to PDO.

Post Reply