Phalcon Password Hashing

by Online Tutorials Library July 14, 2022

Phalcon Security

Phalcon provides the common security tasks to the developers such as:

Password Hashing.
Cross-Site Request Forgery protection (CSRF).

Password Hashing

It is a technique where password is stored in the encrypted form in the database. If the password is stored in the plain text format then any intruder that has the access to the database can easily view the passwords.

To avoid this problem password hashing has 2 techniques:

md5: It converts the plain text into hash of a 32-character hexadecimal number.
sha1: It converts the plain text into hash of a 40-character hexadecimal number.

Example

See this example of password hashing by using md5 technique:

  <?php    use PhalconMvcController;    class UsersController extends Controller  {      public function registerAction()      {          $user = new Users();            $login    = $this->request->getPost(‘login’);          $password = $this->request->getPost(‘password’);    if ($user === false) {               $this->flash->error(“Incorrect credentials”);               return $this->dispatcher->forward(array(                  ‘controller’ => ‘users’, ‘action’ => ‘index’               ));            }            $this->session->set(‘auth’, $user->id);             $this->flash->success(“You’ve been successfully logged in”);            $user->login = $login;            // Store the password hashed          $user->password = $this->security->hash($password);            $user->save();      }  }  

Output:

Phalcon Password Hashing 1

After successful login in database we can see password stored in hash format:

Phalcon Password Hashing 2

Next TopicPhalcon (CSRF)

Phalcon Password Hashing

Phalcon Security

Password Hashing

Insert PDF into Word File

Blending Modes in Photoshop

You may also like