Password Hashing with Phpass [SOLVED]

Archived from the Xataface Users forum.

Cyanto — Thu Jul 21, 2011 12:29 am

Hi to everybody,

I’m writing an application with Xataface and I need to change the encryption method by implementing Phpass.
I’ve no problem with password serialization. I had wrote a delegate class for my users table:

Code: Select all

function password__serialize(&$record){       $hash_cost_log2 = 64;       $hash_portable = FALSE;       $password = $record->val('password');       $hasher = new PasswordHash($hash_cost_log2, $hash_portable);       $hash = $hasher->HashPassword($password);       unset($hasher);       return $hash; }

My problem is at login. I don’t know how to implement Phpass to work at login.
Do I need to write a function in app delegate class?
Do I need to use a trigger?

Can anyone help me?

I’ve already searched in wiki, documentation and forum without success.

Thanks
Cyanto

---

shannah — Thu Jul 21, 2011 9:39 am

The fieldname__serialize() method takes the value to be serialized as a parameter rather than the record. Here is the signature:

Code: Select all

/**     * @brief Serializes a field value to prepare it for insertion into an SQL query.     *     * @param mixed $value The field value that is to be serialized.     * @return string The serialized value that is ready to be placed in an SQL query (though hasn't been escaped for quotes).     *     * @since 0.5     *     * @see Dataface_Serializer::serialize()     *     */    function fieldname__serialize($value);

Not sure why your method was working at all. It should have thrown a fatal error when you tried to call the val() method on $record.

-Steve

---

Cyanto — Fri Jul 22, 2011 12:34 am

shannah wrote:The fieldname__serialize() method takes the value to be serialized as a parameter rather than the record.

I’ve fixed my error. Password field serialization finally works fine.

I’m writing a Custom Authentication plugin to implement Phpass.

Thanks Steve!!