+
+ function pwdHash($new_password) {
+ $hash_prefix = '';
+ if (count($this->pwd_nonces)) {
+ $new_password .= $this->pwd_nonces[count($this->pwd_nonces) - 1];
+ $hash_prefix = (count($this->pwd_nonces) - 1).'|';
+ }
+ return $hash_prefix.password_hash($new_password, PASSWORD_DEFAULT, array('cost' => $this->pwd_cost));
+ }
+
+ function pwdVerify($password_to_verify, $userdata) {
+ $pwdhash = $userdata['pwdhash'];
+ if (preg_match('/^(\d+)\|(.+)$/', $userdata['pwdhash'], $regs)) {
+ $password_to_verify .= $this->pwd_nonces[$regs[1]];
+ $pwdhash = $regs[2];
+ }
+ return password_verify($password_to_verify, $pwdhash);
+ }
+
+ function pwdNeedsRehash($userdata) {
+ $nonceid = -1;
+ $pwdhash = $userdata['pwdhash'];
+ if (preg_match('/^(\d+)\|(.+)$/', $userdata['pwdhash'], $regs)) {
+ $nonceid = $regs[1];
+ $pwdhash = $regs[2];
+ }
+ if ($nonceid == count($this->pwd_nonces) - 1) {
+ return password_needs_rehash($pwdhash, PASSWORD_DEFAULT, array('cost' => $this->pwd_cost));
+ }
+ else {
+ return true;
+ }
+ }