Implement password_verify

author Anthony Ferrara <ircmaxell@ircmaxell.com>

Mon, 25 Jun 2012 03:35:26 +0000 (23:35 -0400)

committer Anthony Ferrara <ircmaxell@ircmaxell.com>

Mon, 25 Jun 2012 03:35:26 +0000 (23:35 -0400)
author Anthony Ferrara <ircmaxell@ircmaxell.com>
Mon, 25 Jun 2012 03:35:26 +0000 (23:35 -0400)
committer Anthony Ferrara <ircmaxell@ircmaxell.com>
Mon, 25 Jun 2012 03:35:26 +0000 (23:35 -0400)
diff --git a/ext/standard/password.c b/ext/standard/password.c

index 9201ff3f8d1fed2260d2526b5038f56243242bfd..665e69f28ce3b659ec7e64c8ce421e5be0702117 100644 (file)
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -112,6 +112,33 @@ static int php_password_make_salt(int length, int raw, char *ret)
  
  PHP_FUNCTION(password_verify)
  {
+       zval *password, *hash, *ret;
+       int status = 0, i;
+
+       if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "zz", &password, &hash) == FAILURE) {
+                RETURN_FALSE;
+        }
+
+       zend_call_method_with_2_params(NULL, NULL, NULL, "crypt", &ret, password, hash);
+       
+       if (Z_TYPE_P(ret) != IS_STRING) {
+               zval_ptr_dtor(&ret);
+               RETURN_FALSE;
+       }
+
+       if (Z_STRLEN_P(ret) != Z_STRLEN_P(hash)) {
+               zval_ptr_dtor(&ret);
+               RETURN_FALSE;
+       }
+
+       for (i = 0; i < Z_STRLEN_P(ret); i++) {
+               status |= (Z_STRVAL_P(ret)[i] ^ Z_STRVAL_P(hash)[i]);
+       }
+
+       zval_ptr_dtor(&ret);
+
+       RETURN_BOOL(status == 0);
+       
  }
  
  PHP_FUNCTION(password_make_salt)
author	Anthony Ferrara <ircmaxell@ircmaxell.com>
	Mon, 25 Jun 2012 03:35:26 +0000 (23:35 -0400)
committer	Anthony Ferrara <ircmaxell@ircmaxell.com>
	Mon, 25 Jun 2012 03:35:26 +0000 (23:35 -0400)