PunbbPassword - Code Metrics - vanilla/garden - Measure and Improve Code Quality continuously with Scrutinizer

PunbbPassword A
last analyzed 2017-08-29 15:20 UTC

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	71
Duplicated Lines	14.08 %

Coupling/Cohesion

Components	0
Dependencies	0

Test Coverage

Coverage

88.89%

Importance

Changes

Metric	Value
dl	10
loc	71
ccs	24
cts	27
cp	0.8889
rs	10
c	0
b	0
f	0
wmc	11
lcom	0
cbo	0

5 Methods

Rating	Name	Duplication	Size	Complexity
A	hash()	0	4	1
A	hashRaw()	0	5	1
A	needsRehash()	10	10	3
A	verify()	0	15	4
A	splitHash()	0	8	2

How to fix Duplicated Code

<?php
/**
 * @author Todd Burry <[email protected]>
 * @copyright 2009-2014 Vanilla Forums Inc.
 * @license MIT
 */

namespace Garden\Password;


/**
 * Implements the password hashing algorithm of punBB.
 *
 * In order to use this class with passwords from a punbb database concatenate the password hashes and salts.
 *
 * ```php
 * // php
 * $hash = $password.'$'.$salt;
 * ```
 *
 * ```sql
 * -- mysql
 * select concat(u.password, '$', u.salt) as password_hash
 * from punbb_users u;
 * ```
 */
class PunbbPassword implements IPassword {

    /**
     * {@inheritdoc}
     */
    public function hash($password) {
        $salt = base64_encode(openssl_random_pseudo_bytes(12));
        return $this->hashRaw($password, $salt).'$'.$salt;
    }

    /**
     * Hashes a password with a given salt.
     *
     * @param string $password The password to hash.
     * @param string $salt The password salt.
     * @return string Returns the password hash.
     */
    protected function hashRaw($password, $salt) {
        $calc_hash = sha1($salt.sha1($password));

        return $calc_hash;
    }

    /**
     * {@inheritdoc}
     */
    public function needsRehash($hash) {
        list($stored_hash, $stored_salt) = $this->splitHash($hash);

        // Unsalted hashes should be rehashed.
        if ($stored_hash === false || $stored_salt === false) {
            return true;
        }

        return false;
    }

    /**
     * {@inheritdoc}
     */
    public function verify($password, $hash) {
        list($stored_hash, $stored_salt) = $this->splitHash($hash);

        if (md5($password) == $stored_hash) {
            $result = true;
        } elseif (sha1($password) == $stored_hash) {
            $result = true;
        } elseif (sha1($stored_salt.sha1($password)) == $stored_hash) {
            $result = true;
        } else {
            $result = false;
        }

        return $result;
    }

    /**
     * Split the hash into its calculated hash and salt.
     *
     * @param string $hash The hash to split.
     * @return array An array in the form [$hash, $salt].
     */
    protected function splitHash($hash) {
        if (strpos($hash, '$') === false) {
            return [$hash, false];
        } else {
            $parts = explode('$', $hash, 2);
            return $parts;
        }
    }
}


1			<?php
2			/**
3			* @author Todd Burry <[email protected]>
4			* @copyright 2009-2014 Vanilla Forums Inc.
5			* @license MIT
6			*/
7
8			namespace Garden\Password;
9
10
11			/**
12			* Implements the password hashing algorithm of punBB.
13			*
14			* In order to use this class with passwords from a punbb database concatenate the password hashes and salts.
15			*
16			* ```php
17			* // php
18			* $hash = $password.'$'.$salt;
19			* ```
20			*
21			* ```sql
22			* -- mysql
23			* select concat(u.password, '$', u.salt) as password_hash
24			* from punbb_users u;
25			* ```
26			*/
27			class PunbbPassword implements IPassword {
28
29			/**
30			* {@inheritdoc}
31			*/
32	3		public function hash($password) {
33	3		$salt = base64_encode(openssl_random_pseudo_bytes(12));
34	3		return $this->hashRaw($password, $salt).'$'.$salt;
35			}
36
37			/**
38			* Hashes a password with a given salt.
39			*
40			* @param string $password The password to hash.
41			* @param string $salt The password salt.
42			* @return string Returns the password hash.
43			*/
44	3		protected function hashRaw($password, $salt) {
45	3		$calc_hash = sha1($salt.sha1($password));
46
47	3		return $calc_hash;
48			}
49
50			/**
51			* {@inheritdoc}
52			*/
53	1	View Code Duplication	public function needsRehash($hash) {
54	1		list($stored_hash, $stored_salt) = $this->splitHash($hash);
55
56			// Unsalted hashes should be rehashed.
57	1		if ($stored_hash === false \|\| $stored_salt === false) {
58			return true;
59			}
60
61	1		return false;
62			}
63
64			/**
65			* {@inheritdoc}
66			*/
67	3		public function verify($password, $hash) {
68	3		list($stored_hash, $stored_salt) = $this->splitHash($hash);
69
70	3		if (md5($password) == $stored_hash) {
71			$result = true;
72	3		} elseif (sha1($password) == $stored_hash) {
73			$result = true;
74	3		} elseif (sha1($stored_salt.sha1($password)) == $stored_hash) {
75	1		$result = true;
76	1		} else {
77	2		$result = false;
78			}
79
80	3		return $result;
81			}
82
83			/**
84			* Split the hash into its calculated hash and salt.
85			*
86			* @param string $hash The hash to split.
87			* @return array An array in the form [$hash, $salt].
88			*/
89	4		protected function splitHash($hash) {
90	4		if (strpos($hash, '$') === false) {
91	1		return [$hash, false];
92			} else {
93	3		$parts = explode('$', $hash, 2);
94	3		return $parts;
95			}
96			}
97			}
98

vanilla / garden

PunbbPassword A last analyzed 2017-08-29 15:20 UTC

Complexity

Size/Duplication

Coupling/Cohesion

Test Coverage

Importance

5 Methods

How to fix Duplicated Code

Duplicated Code

Duplication Side-by-Side

Filter issues like

PunbbPassword A
last analyzed 2017-08-29 15:20 UTC