PHP code example of yarri / my-blowfish

1. Go to this page and download the library: Download yarri/my-blowfish library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

    

yarri / my-blowfish example snippets


$password = "honeyBump";
MyBlowfish::IsHash($password); // false

$hash = MyBlowfish::Filter($password);
MyBlowfish::IsHash($hash); // true

// A different salt is used automatically in another call of Filter().
// So the new hash from the same password differs from the old one.
$hash2 = MyBlowfish::Filter($password); // $hash2 !== $hash

// Filter() doesn't make hash from a hash!
$hash3 = MyBlowfish::Filter($hash); // $hash3 === $hash

// There is also method GetHash() which makes hash in every case.
$hash4 = MyBlowfish::GetHash($hash); // $hash4 !== $hash

MyBlowfish::CheckPassword($password, $hash);     // true
MyBlowfish::CheckPassword("badTry", $hash);      // false
MyBlowfish::CheckPassword($hash, $hash);         // false

MyBlowfish::CheckPassword($password, $hash2);    // true

MyBlowfish::CheckPassword($password, $hash4);    // false
MyBlowfish::CheckPassword($hash, $hash4);        // true

MyBlowfish::CheckPassword($password, $password); // false; 2nd param is not a blowfish hash

// min     .. 4
// max     .. 31
// optimal .. 10, 11, 12
// default .. 12
define('MY_BLOWFISH_ROUNDS', 12);

// default .. '$2y$'
define('MY_BLOWFISH_PREFIX', '$2b$');


// file: app/models/user.php
class User extends ApplicationModel {

  /**
   * During a new user creation it provides transparent password hashing when it's needed
   *
   *    $user = User::CreateNewRecord([
   *      "login" => "rambo",
   *      "password" => "secret123"
   *    ]);
   */
  static function CreateNewRecord($values, $options = []) {
    if (isset($values["password"])) {
      $values["password"] = MyBlowfish::Filter($values["password"]);
    }
    return parent::CreateNewRecord($values, $options);
  }

  /**
   * It provides transparent password hashing during setting new values
   *
   *    $rambo->setValues(["password" => "newModelArmy"]);
   */
  function setValues($values, $options = []) {
    if (isset($values["password"])) {
      $values["password"] = MyBlowfish::Filter($values["password"]);
    }
    return parent::setValues($values, $options);
  }

  /**
   * Returns user when login and password are correct and user is active and not deleted
   * 
   *    $user = User::Login("rambo","secret123");
   */
  static function Login($login,$password,&$bad_password = false){
    $bad_password = false;
    $user = User::FindByLogin($login);
    if(!$user){ return; }
    if($user->isDeleted()){ return; }
    if(!$user->isActive()){ return; }
    if($user->isPasswordCorrect($password)){
      return $user;
    }
    $bad_password = true;
  }

  function isPasswordCorrect($password){
    return MyBlowfish::CheckPassword($password,$this->getPassword());
  }
}

php > $user = User::CreateNewRecord(['login' => 'rambo', 'password' => 'secret123']);
php > echo $user->getPassword();
$2y$12$w984Nf6g67ZZKqvXgQWqwuj4mOn9Ptmw.dMNs/A7G9Cj/mt/w5buy
php > $user->setValue('password', 'newModelArmy');
php > echo $user->getPassword();
$2y$12$2ljCknUGAtf5lSAo0txoFO9qqGH2dxLDr31Ii4VSHca0Zb8cHZZgu
php > $user->setValue('password', '$2y$12$2ljCknUGAtf5lSAo0txoFO9qqGH2dxLDr31Ii4VSHca0Zb8cHZZgu');
php > echo $user->getPassword();
$2y$12$2ljCknUGAtf5lSAo0txoFO9qqGH2dxLDr31Ii4VSHca0Zb8cHZZgu