PHP Classes

File: manual.txt

Recommend this page to a friend!
  Classes of Dave Smith   ghostHash   manual.txt   Download  
File: manual.txt
Role: Documentation
Content type: text/plain
Description: Documentation
Class: ghostHash
Generate and verify quick and strong key hashes
Author: By
Last change:
Date: 8 years ago
Size: 4,541 bytes


Class file image Download
Class: ghostHash Version: 1.0 11/10/2015 Copyright 2015 Wagon Trader, All Rights Reserved Description: This class is developed to be a secure key hashing application pre-loaded on the system. Files: ghosthash.class.php - Main class example.php - Usage examples Installation: The ghosthash.class.php file is intended to be pre-loaded onto the system. Follow these instructions for the best security. Upload the ghosthash.class.php file into a private folder which is not web accessible. Depending on your servers file system, this could be the /usr/ or /private/ folders. If you are not sure which folder to use, your server administrator should be able to help. If you only have access to public web accessible folders, that is okay, go ahead and upload the ghosthash.class.php file there. Web accessible folders will be 'public_html', /www/ or something similar. Change the auto_prepend_file setting in your php.ini file to load the ghosthash.class.php file. You must include the full path to file, so the instruction would look something like... auto_prepend_file = "/full/path/to/ghosthash.class.php" replacing /full/path/to/ with the actual path to the file. If you do not have access to the php.ini file, you can change the setting in your .htaccess file by including the line... php_value auto_prepend_file /full/path/to/ghosthash.class.php replacing /full/path/to/ with the actual path to the file. If you do not have access to the php.ini file or are not allowed to change php settings within the .htaccess file, you will need to get further instructions from your server admin to complete this step. If all else fails, do not worry, you can always include the ghosthash.class.php script inside your php scripts, however this is less secure when using quick hash methods. The example.php file can be included within your public document root and accessed through your browser to see ghostHash in action. Configuration: You should change the $pepper values in the ghost.class.php to a unique string only known to you. This variable is located in both the quickHash and verifyQuickHash methods and should be exaclty the same text in each. If you should want to use ghostHash as an object, you can uncomment the last line in the ghosthash.class.php file to automatically instantiate the class. This is not neccessary, since ghostHash was designed to be used staticly. Method Usage: ghostHash::quickHash(string key[,string salt=''][,string pepper='']) Use the quickHash method to return a fairly secure hash of the supplied key. You can salt the key by optionally supplying a salt string. You can over-ride the default pepper string by optionally supplying one. Returns a 32 character hash. ghostHash::verifyQuickHash(string key, string hash[,string salt=''][,string pepper='']) Use the verifyQuickHash method to verify the supplied key is valid for the supplied hash. If you supplied salt or pepper when generating the hash, you must supply them here as well. Returns true if valid or false if invalid ghostHash::strongHash(string key[,cost=10]) Use the strongHash method to generate a very strong hash for the supplied key The optional cost value can be supplied to set the computational cost based on your system, the calculateCost method can be used to get the best value. Returns a 60 charachter hash. This may increase in the future, is is best to store these hashes in a 255 character field. ghostHash::calculateCost(void) Use the calculateCost method to determine the best cost value used with strong hashes. Returns the best cost value to use. ghostHash::verifyStrongHash(string key, string hash) Use the verifyStrongHash method to verify the supplied key is valid for the supplied hash. Returns true if valid or false if invalid ghostHash::newStrongHash(string hash[,int cost=10]) Use the newStrongHash method to determine if a new hash should be generated. If there has been a change in the best cost or hashing algorythm, this method can be used to check that the supplied hash meets these standards. Returns true if a new hash should be generated or false if the hash is still within standards. ghostHash::strongHashInfo(string hash) Use the strongHashInfo method to get information on the supplied hash. Returns an array of algo (algorythm used), algoName (human readable name of algorythm) and options used to generate the algorythm. Changelog 1.0 Initial release