summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #100 from borg4242/patch-1HEADorigin/masterorigin/HEADmasterAnthony Ferrara2017-03-201-1/+1
|\ | | | | Document erroneous return value more precisely
| * Document erroneous return value more preciselyGreg Bor2017-03-201-1/+1
|/ | | Proposed change for #30, just for clarity.
* Improve random generation to only trust openssl if strong is true (which is ↵Anthony Ferrara2015-08-111-5/+8
| | | | still bad due to openssl, but better)
* Update README.mdAnthony Ferrara2015-04-231-1/+1
| | | Change "being worked on for 5.5" to "shipped with 5.5"
* Merge pull request #79 from pine3ree/patch-1Anthony Ferrara2015-04-061-5/+5
|\ | | | | force integer type for algo and cost
| * force integer type for algo and costmaks feltrin2015-04-041-5/+5
|/ | | | in password_needs_rehash maybe also add type checking for $algo parameter as in password_hash
* Update README.mdAnthony Ferrara2015-02-041-0/+5
| | | Add security contact
* Merge pull request #74 from e3betht/code-climate-fixesAnthony Ferrara2015-01-092-10/+10
|\ | | | | Code Climate Fixes
| * Adding Code Climate badge to README file.e3betht2015-01-091-1/+1
| |
| * Adjusted variable names that were too long or too shorte3betht2015-01-061-9/+9
|/
* Add changelogAnthony Ferrara2014-11-201-0/+14
|
* Fix formatting from #56Anthony Ferrara2014-11-201-8/+8
|
* Fix a bunch of minor issues, including process isolation #64, formatting ↵Anthony Ferrara2014-11-202-250/+276
| | | | issues #56, supporting null and integer passwords #63 and #48
* Merge pull request #58 from remicollet/masterAnthony Ferrara2014-11-202-5/+22
|\ | | | | add PasswordCompat\binary\check() in the library
| * add PasswordCompat\binary\check() in the libraryRemi Collet2014-07-282-5/+22
| |
* | Merge pull request #69 from catchy-io/MissingPASSWORD_BCRYPT_DEFAULT_COSTAnthony Ferrara2014-11-201-4/+4
|\ \ | | | | | | Missing PASSWORD_BCRYPT_DEFAULT_COST constant
| * | Missing PASSWORD_BCRYPT_DEFAULT_COST constantPatrick Allaert2014-11-151-4/+4
| |/ | | | | | | | | This one is defined with PHP >= 5.5 and make this lib even more compatible by possibly using it.
* | Merge pull request #70 from GrahamCampbell/fixAnthony Ferrara2014-11-206-689/+45
|\ \ | |/ |/| Improve travis running of tests
| * Fixed the test configGraham Campbell2014-11-152-17/+19
| |
| * Added .gitattributesGraham Campbell2014-11-151-0/+8
| |
| * Fixed .gitignoreGraham Campbell2014-11-151-1/+3
| |
| * Composer fixesGraham Campbell2014-11-152-671/+15
|/
* Merge pull request #55 from GrahamCampbell/testingAnthony Ferrara2014-03-213-56/+281
|\ | | | | Test Updates
| * Testing updatesGraham Campbell2014-03-203-56/+281
|/
* Merge pull request #54 from h4cc/patch-1Anthony Ferrara2014-03-101-1/+2
|\ | | | | Added PHP 5.6 to travis.
| * Added PHP 5.6 to travis.Julius Beckmann2014-03-101-1/+2
|/
* Merge pull request #47 from simon-eQ/masterAnthony Ferrara2014-01-271-9/+10
|\ | | | | Update README.md
| * Update README.mdoO2014-01-241-9/+10
|/
* Whoops, forgot to install composer dev dependenciesAnthony Ferrara2014-01-081-0/+3
|
* Finish HHVM support... At least travis wiseAnthony Ferrara2014-01-084-1/+441
|
* Merge branch 'master' of github.com:ircmaxell/password_compatAnthony Ferrara2014-01-081-1/+1
|\
| * Merge pull request #41 from Jacques1/open-basedir-fixAnthony Ferrara2014-01-081-1/+1
| |\ | | | | | | Prevent warnings from open_basedir
| | * Prevent warnings from open_basedirJan Ewald2013-12-101-1/+1
| | |
* | | Add test to double-check that generated hash is a bcrypt hash. Partially ↵Anthony Ferrara2014-01-081-1/+4
|/ / | | | | | | fixes #45
* | Make tests pass on current 5.5 version, need to find a better way to account ↵Anthony Ferrara2014-01-081-1/+5
| | | | | | | | for newer builds
* | Merge branch 'encoding-fix' of https://github.com/Jacques1/password_compat ↵Anthony Ferrara2014-01-082-4/+16
|\ \ | | | | | | | | | into Jacques1-encoding-fix
| * | Fix wrong Base64 encoding (issue #38)Jan Ewald2013-12-092-3/+15
| |/
* | Add travis build support on HHVM, for better testingAnthony Ferrara2014-01-081-0/+1
| |
* | Move binary implementation to separate namespace (to avoid polluting the ↵Anthony Ferrara2014-01-081-20/+28
| | | | | | | | global namespace with non-core functions)
* | Fix handling of binary and ASCII stringsJan Ewald2013-12-101-12/+46
|/
* Merge pull request #35 from BitLucid/masterAnthony Ferrara2013-09-101-1/+1
|\ | | | | README: Popped in a link to the details of the security issue with bcrypt before 5.3.7...
| * README: Update reference to the security issue with bcrypt before 5.3.7, ↵Roy Ronalds2013-09-091-1/+1
|/ | | | for clarity.
* Merge pull request #32 from staabm/patch-1Anthony Ferrara2013-06-241-1/+1
|\ | | | | added link to php.net password_* chapter
| * added link to php.net password_* chapterMarkus Staab2013-06-241-1/+1
|/
* Merge pull request #31 from staabm/patch-1Anthony Ferrara2013-06-181-1/+1
|\ | | | | updated readme to show a php 5.3 compatible example
| * updated readme to show a php 5.3 compatible exampleMarkus Staab2013-06-181-1/+1
|/
* Merge pull request #26 from johncongdon/masterAnthony Ferrara2013-05-101-1/+1
|\ | | | | Fix for potential forward compatibility break.
| * Rely on checking for PASSWORD_DEFAULT, which should ALWAYS be available.johncongdon2013-05-091-1/+1
|/ | | | | | | | Since this is supposed to be forward compatible. What happens if BCRYPT is pulled one day for any reason? This would break forward compatibility, but relying on PASSWORD_DEFAULT should be safe. I think another option would be: if ( ! function_exists('password_hash') ) { }
* Update README.mdAnthony Ferrara2013-05-031-1/+1
| | | Update version information
* Reset raw length used as per #11Anthony Ferrara2013-04-301-2/+1
|
* Increment version numberv1.0.2Anthony Ferrara2013-04-301-1/+1
|
* Merge branch 'master' into v1.0Anthony Ferrara2013-04-301-8/+10
|\
| * Increase amount of randomness generated, to account for under-production ↵Anthony Ferrara2013-04-301-8/+10
| | | | | | | | with the base64 serialization identified by #11
* | update version info in composer.jsonv1.0.1Anthony Ferrara2013-04-301-1/+1
|/
* White space changesAnthony Ferrara2013-04-305-321/+321
|
* Merge pull request #20 from leight/phalanger_fixAnthony Ferrara2013-02-131-1/+1
|\ | | | | Phalanger Fix
| * Phalanger FixLeigh2013-02-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | While mcrypt_create_iv and MCRYPT_DEV_URANDOM are both available in Phalanger, when used it will generate a warning stating that the file (/dev/urandom) cannot be read from. The !$buffer_valid check would catch this, however there would still be a warning generated every time a password was hashed. In my opinion it is best to check if Phalanger is being used, and prevent this path from executing in the first place.
* | Merge pull request #19 from multiwebinc/patch-1Anthony Ferrara2013-02-131-11/+9
|\ \ | | | | | | Update lib/password.php
| * | Update lib/password.phpmultiwebinc2013-02-121-11/+9
|/ / | | | | Might as well check if the file exists and is readable instead of just checking if it exists and then suppressing errors trying to read it.
* | Fix travis version infoAnthony Ferrara2013-02-041-1/+0
| |
* | Add travis hookAnthony Ferrara2013-02-041-1/+2
| |
* | Add travis config fileAnthony Ferrara2013-02-043-6/+12
|/
* Merge pull request #16 from pborreli/patch-1Anthony Ferrara2013-01-291-1/+1
|\ | | | | Fixed typo
| * Fixed typoPascal Borreli2013-01-271-1/+1
|/
* Update readme information on version compatibilityv1.0.0Anthony Ferrara2013-01-141-1/+5
|
* Remove version checks, add version-test.phpAnthony Ferrara2013-01-143-10/+9
|
* Merge pull request #12 from bcremer/patch-1Anthony Ferrara2012-12-041-1/+1
|\ | | | | Fix invalid phpdoc
| * Fix invalid phpdocBenjamin Cremer2012-11-301-1/+1
|/
* Merge pull request for fixing buffer creation with xororigin/nicholas-grekas-xor-fixAnthony Ferrara2012-09-181-1/+1
|\
| * fixNicolas Grekas2012-09-181-1/+1
| |
* | Fix another bug due to the refactoring of the conditional function declarationAnthony Ferrara2012-09-171-2/+0
| |
* | Fix bug with fallback randomness when using a partial generated saltAnthony Ferrara2012-09-171-3/+2
|/
* Update documentationAnthony Ferrara2012-09-171-2/+64
|
* refactor password.php significantly, remove __password_make_salt(), inlining itAnthony Ferrara2012-09-171-57/+46
|
* Update license information to MIT LicenseAnthony Ferrara2012-09-173-2/+9
|
* Update license informationAnthony Ferrara2012-09-151-1/+1
|
* Add license informationAnthony Ferrara2012-09-151-0/+7
|
* Merge pull request #5 from nicolas-grekas/typo-n-hintAnthony Ferrara2012-09-141-2/+2
|\ | | | | fix typo and missing type hint
| * fix typo and missing type hintNicolas Grekas2012-09-141-2/+2
|/
* Add checks for <= 5.3.7, add checks for bad DES fallback hashesAnthony Ferrara2012-09-131-2/+8
|
* Update version requirementAnthony Ferrara2012-09-131-1/+1
| | | Updated the PHP version requirement, as support for BCRYPT `2y` mode wasn't added until 5.3.7, and bad results can happen on older versions of PHP...
* Fix package nameAnthony Ferrara2012-09-121-1/+1
|
* Add composer.json file, and update the readme slightlyAnthony Ferrara2012-09-072-1/+26
|
* Bring password back into compliance with patch, add unit testsAnthony Ferrara2012-09-077-53/+351
|
* Update for removal of php.ini setting.ircmaxell2012-07-031-2/+2
|
* Merge pull request #1 from s9e/patch-1ircmaxell2012-06-271-1/+1
|\ | | | | Added PCRE_DOLLAR_ENDONLY to ensure that $salt does not end with a newline
| * Added PCRE_DOLLAR_ENDONLY to ensure that $salt does not end with a newlines9e2012-06-271-1/+1
|/
* Update the compat layer to use the php.ini settings instead of the constantAnthony Ferrara2012-06-261-2/+2
|
* Fix bug with variable naming, take 2Anthony Ferrara2012-06-261-1/+1
|
* Fix bug with variable namingAnthony Ferrara2012-06-261-1/+1
|
* Update compat layer for recent changesAnthony Ferrara2012-06-251-24/+3
|
* Add compatibility layer for pre-5.5 functionalityAnthony Ferrara2012-06-251-0/+150
|
* Initial commitircmaxell2012-06-251-0/+4
generated by cgit v1.1 at 2025-06-03 12:49:22 +0000