Conditions | 39 |
Paths | 1113 |
Total Lines | 127 |
Code Lines | 94 |
Lines | 0 |
Ratio | 0 % |
Changes | 0 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
1 | <?php |
||
35 | function password_hash($password, $algo, array $options = array()) { |
||
36 | if (!function_exists('crypt')) { |
||
37 | trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING); |
||
38 | return null; |
||
39 | } |
||
40 | if (is_null($password) || is_int($password)) { |
||
|
|||
41 | $password = (string) $password; |
||
42 | } |
||
43 | if (!is_string($password)) { |
||
44 | trigger_error("password_hash(): Password must be a string", E_USER_WARNING); |
||
45 | return null; |
||
46 | } |
||
47 | if (!is_int($algo)) { |
||
48 | trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING); |
||
49 | return null; |
||
50 | } |
||
51 | $resultLength = 0; |
||
52 | switch ($algo) { |
||
53 | case PASSWORD_BCRYPT: |
||
54 | $cost = PASSWORD_BCRYPT_DEFAULT_COST; |
||
55 | if (isset($options['cost'])) { |
||
56 | $cost = $options['cost']; |
||
57 | if ($cost < 4 || $cost > 31) { |
||
58 | trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING); |
||
59 | return null; |
||
60 | } |
||
61 | } |
||
62 | // The length of salt to generate |
||
63 | $raw_salt_len = 16; |
||
64 | // The length required in the final serialization |
||
65 | $required_salt_len = 22; |
||
66 | $hash_format = sprintf("$2y$%02d$", $cost); |
||
67 | // The expected length of the final crypt() output |
||
68 | $resultLength = 60; |
||
69 | break; |
||
70 | default: |
||
71 | trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING); |
||
72 | return null; |
||
73 | } |
||
74 | $salt_requires_encoding = false; |
||
75 | if (isset($options['salt'])) { |
||
76 | switch (gettype($options['salt'])) { |
||
77 | case 'NULL': |
||
78 | case 'boolean': |
||
79 | case 'integer': |
||
80 | case 'double': |
||
81 | case 'string': |
||
82 | $salt = (string) $options['salt']; |
||
83 | break; |
||
84 | case 'object': |
||
85 | if (method_exists($options['salt'], '__tostring')) { |
||
86 | $salt = (string) $options['salt']; |
||
87 | break; |
||
88 | } |
||
89 | case 'array': |
||
90 | case 'resource': |
||
91 | default: |
||
92 | trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING); |
||
93 | return null; |
||
94 | } |
||
95 | if (PasswordCompat\binary\_strlen($salt) < $required_salt_len) { |
||
96 | trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", PasswordCompat\binary\_strlen($salt), $required_salt_len), E_USER_WARNING); |
||
97 | return null; |
||
98 | } elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) { |
||
99 | $salt_requires_encoding = true; |
||
100 | } |
||
101 | } else { |
||
102 | $buffer = ''; |
||
103 | $buffer_valid = false; |
||
104 | if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) { |
||
105 | $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM); |
||
106 | if ($buffer) { |
||
107 | $buffer_valid = true; |
||
108 | } |
||
109 | } |
||
110 | if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) { |
||
111 | $buffer = openssl_random_pseudo_bytes($raw_salt_len); |
||
112 | if ($buffer) { |
||
113 | $buffer_valid = true; |
||
114 | } |
||
115 | } |
||
116 | if (!$buffer_valid && @is_readable('/dev/urandom')) { |
||
117 | $f = fopen('/dev/urandom', 'r'); |
||
118 | $read = PasswordCompat\binary\_strlen($buffer); |
||
119 | while ($read < $raw_salt_len) { |
||
120 | $buffer .= fread($f, $raw_salt_len - $read); |
||
121 | $read = PasswordCompat\binary\_strlen($buffer); |
||
122 | } |
||
123 | fclose($f); |
||
124 | if ($read >= $raw_salt_len) { |
||
125 | $buffer_valid = true; |
||
126 | } |
||
127 | } |
||
128 | if (!$buffer_valid || PasswordCompat\binary\_strlen($buffer) < $raw_salt_len) { |
||
129 | $bl = PasswordCompat\binary\_strlen($buffer); |
||
130 | for ($i = 0; $i < $raw_salt_len; $i++) { |
||
131 | if ($i < $bl) { |
||
132 | $buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255)); |
||
133 | } else { |
||
134 | $buffer .= chr(mt_rand(0, 255)); |
||
135 | } |
||
136 | } |
||
137 | } |
||
138 | $salt = $buffer; |
||
139 | $salt_requires_encoding = true; |
||
140 | } |
||
141 | if ($salt_requires_encoding) { |
||
142 | // encode string with the Base64 variant used by crypt |
||
143 | $base64_digits = |
||
144 | 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; |
||
145 | $bcrypt64_digits = |
||
146 | './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; |
||
147 | |||
148 | $base64_string = base64_encode($salt); |
||
149 | $salt = strtr(rtrim($base64_string, '='), $base64_digits, $bcrypt64_digits); |
||
150 | } |
||
151 | $salt = PasswordCompat\binary\_substr($salt, 0, $required_salt_len); |
||
152 | |||
153 | $hash = $hash_format . $salt; |
||
154 | |||
155 | $ret = crypt($password, $hash); |
||
156 | |||
157 | if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != $resultLength) { |
||
158 | return false; |
||
159 | } |
||
160 | |||
161 | return $ret; |
||
162 | } |
||
314 | } |