%PDF- %PDF-
Server IP : 37.220.80.31 / Your IP : 13.58.26.185 Web Server : Apache/2.4.52 (Ubuntu) System : Linux 3051455-guretool.twc1.net 5.15.0-107-generic #117-Ubuntu SMP Fri Apr 26 12:26:49 UTC 2024 x86_64 User : www-root ( 1010) PHP Version : 7.4.33 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority, MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /var/www/www-root/data/www/dev.artlot24.ru/bitrix/modules/main/lib/security/ |
Upload File : |
<?php /** * Bitrix Framework * @package bitrix * @subpackage main * @copyright 2001-2020 Bitrix */ namespace Bitrix\Main\Security; class Password { /** * Compares a hash and a(n) (original) password. * @param string $hash Hash of the password. * @param string $password User supplied password. * @param bool $original * @return bool */ public static function equals($hash, $password, $original = true): bool { if($original) { $salt = ""; $hashLength = strlen($hash); if($hashLength > 100) { //new SHA-512 method, format is $6${salt}${hash} $salt = substr($hash, 3, 16); $password = static::hash($password, $salt); } else { if($hashLength > 32) { //old salt+md5 method, format is {salt}{hash} $salt = substr($hash, 0, $hashLength - 32); } //else very old format {hash} without a salt $password = $salt.md5($salt.$password); } } return hash_equals($hash, $password); } /** * Determines if a password needs to be rehashed. * @param string $hash Hash of the password. * @return bool */ public static function needRehash($hash): bool { if(CRYPT_SHA512 == 1) { if(strlen($hash) > 100) { //new SHA-512 hash usually 106 bytes long return false; } } else { if(strlen($hash) > 32) { //old md5+salt method return false; } } return true; } /** * Hashes a password using SHA-512 by default. * @param string $password * @param null|string $salt If null, will be generated * @return string */ public static function hash($password, $salt = null): string { if(CRYPT_SHA512 == 1) { //new SHA-512 method if($salt === null) { $salt = Random::getString(16, true); } //by default rounds=5000 return crypt($password, '$6$'.$salt.'$'); } else { //old md5 method if($salt === null) { $salt = Random::getStringByAlphabet(8, Random::ALPHABET_ALL); } return $salt.md5($salt.$password); } } }