AdminUser::generateSalt PHP Method

AdminUser Class Documentation Show file Open project: yinhe/yincart

generateSalt() protected method

The {@link http://php.net/manual/en/function.crypt.php PHP crypt() built-in function} requires, for the Blowfish hash algorithm, a salt string in a specific format: - "$2a$" - a two digit cost parameter - "$" - 22 characters from the alphabet "./0-9A-Za-z".
protected generateSalt ( $cost = 10 ) : string
return string the salt 
    protected function generateSalt($cost = 10)
    {
        if (!is_numeric($cost) || $cost < 4 || $cost > 31) {
            throw new CException(Yii::t('Cost parameter must be between 4 and 31.'));
        }
        // Get some pseudo-random data from mt_rand().
        $rand = '';
        for ($i = 0; $i < 8; ++$i) {
            $rand .= pack('S', mt_rand(0, 0xffff));
        }
        // Add the microtime for a little more entropy.
        $rand .= microtime();
        // Mix the bits cryptographically.
        $rand = sha1($rand, true);
        // Form the prefix that specifies hash algorithm type and cost parameter.
        $salt = '$2a$' . str_pad((int) $cost, 2, '0', STR_PAD_RIGHT) . '$';
        // Append the random salt string in the required base64 format.
        $salt .= strtr(substr(base64_encode($rand), 0, 22), array('+' => '.'));
        return $salt;
    }
AdminUser
attributeLabels
generateSalt
hashPassword
model
relations
rules
search
tableName
validatePassword