I'm creating a mass user import script in PHP for owncloud
. I read the users from a CSV file, then I'll add them to the owncloud database
. I'm having an issue with the passwords though. To my knowledge, owncloud uses password_hash()
with BCRYPT
. I have the passwordsalt
, but I'm not sure how to use that salt with password_hash()
.
Any help there guys?
Use salt in the option array like this
password_hash("rasmuslerdorf", PASSWORD_BCRYPT, array("cost" => 7, "salt" => "thisisyoursalt"));
But using your own salt is not a good idea. Let password_hash()
create a salt for your password. password_hash()
will create different salt for every password. It will increase your password security strength.
If the hashes are produced by password_hash()
or crypt()
, then the salt is included in the resulting hash value. To check a password against this hash, you can use the function password_verify() , this function extracts the salt and other parameters automatically.
// Check if the hash of the entered login password, matches the stored hash.
// The salt and the cost factor will be extracted from $existingHashFromDb.
$isPasswordCorrect = password_verify($password, $existingHashFromDb);
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.