ed4052f1d5
Fixed bug #69686 password_verify reports back error on PHP7 will null string.
...
The deprecation of DES salts created a warning when trying to verify them with password_hash. This bug fix adds a quiet mode to php_crypt() which is used by password_verify.
2015-05-21 17:12:51 -04:00
94e222c14d
Deprecate password_hash salt option
2015-04-09 15:51:04 -04:00
5f29b98051
Error on invalid octal (fixes PHPSadness #31 )
...
Further error checks
2015-01-17 18:50:28 +00:00
e5eb9530ab
Use "float" and "integer" in typehint and zpp errors
2014-12-21 13:23:02 +00:00
1751d5fabe
Really fix leaks, add test cases to prove it...
2012-10-06 10:38:41 -04:00
76f3295cdf
Expose PASSWORD_BCRYPT_DEFAULT_COST constant and update test to use it
2012-09-12 11:47:50 -04:00
e9a7bde829
Switch test to using strict comparison for crypt fallback
2012-09-12 11:37:56 -04:00
e8b7f5b35d
Add tests for password_get_info and password_needs_rehash
2012-09-12 11:21:08 -04:00
e05413ca59
Remove password_make_salt() from the implementation
2012-08-28 11:24:33 -04:00
707c9073b5
Switch second parameter to password_make_salt to be a flag
2012-07-11 22:15:56 -04:00
6943f2ab7f
Some more refactoring, make algo no longer optional
2012-07-03 08:24:31 -04:00
6cc3c65fbf
Remove php.ini setting for default bcrypt cost
2012-07-03 07:33:55 -04:00
da3d8bf514
Refactor password.c a bit, add different error checking
2012-06-28 15:29:40 -04:00
5f44be03af
Add tests and error checking for large salt requested values to prevent overflow on allocation
2012-06-26 23:09:08 -04:00
2b9591f11f
Update tests to check ini setting
2012-06-26 22:13:51 -04:00
e505316aeb
Add tests for password hashing
2012-06-26 22:05:25 -04:00
Anthony Ferrara