password_needs_rehash

password_needs_rehash

Checks if the given hash matches the given options

bool **password_needs_rehash** string $hash  $algo array $options

This function checks to see if the supplied hash implements the algorithm and options provided. If not, it is assumed that the hash needs to be rehashed.

hashpassword.parameter.hash

algopassword.parameter.algo

optionspassword.parameter.options

Returns true if the hash should be rehashed to match the given and , or false otherwise. algo``options

**Voorbeeld: Usage of **

<?php

$password = 'rasmuslerdorf';
$hash = '$2y$12$4Umg0rCJwMswRw/l.SwHvuQV01coP0eWmGzd61QH2RvAOMANUBGC.';

$algorithm = PASSWORD_BCRYPT;
// bcrypt's cost parameter can change over time as hardware improves
$options = ['cost' => 13];

// Verify stored hash against plain-text password
if (password_verify($password, $hash)) {
    // Check if either the algorithm or the options have changed
    if (password_needs_rehash($hash, $algorithm, $options)) {
        // If so, create a new hash, and replace the old one
        $newHash = password_hash($password, $algorithm, $options);

        // Update the user record with the $newHash
    }

    // Perform the login.
}
?>