Using the PHP Function Sha1 to Hash Your Passwords

PHP’s built-in sha1 function is a very useful and powerful hashing function. It can take a string and produce its corresponding hash value, which is then printed on output. It also provides a very quick and simple way to verify whether two strings are equal.

The SHA-1 (Secure Hash Algorithm 1) algorithm is a cryptographic function that produces a 160-bit hash value from an input string. This hash value cannot be reversed to determine the original string from which it was created, making it almost impossible for a third party to spoof your data.

This is one of the most popular methods for generating passwords. However, as cybercrime becomes more sophisticated it’s time to move on from plain old sha1. Fortunately, PHP comes with some smarter password hashing functions: password_hash() and password_verify().

Both functions use the same SHA-1 algorithm, but are faster and more secure than sha1(). In addition, they support more encodings and can be used with multiple types of input.

The function takes two arguments: the string you want to hash and an optional boolean value that specifies the raw output format. If you set this to TRUE, the function will return the hash in a 16 bit format instead of the 32 bit format it uses by default.

If you don’t set this, the function will return a lowercase hex string of length 32 or raw binary data of length 16. This article has been updated from its original version in Hacking with PHP. Download the latest edition of this comprehensive, hands-on guide to learning PHP.

Andreas Behr - CTO of DesertCoderz
You are a developer and looking for Shopware projects?
Apply Now!

sha1 example


        // default to cache_id and compile_id of Smarty object         $cache_id = $cache_id === null ? $this->cache_id : $cache_id;
        $compile_id = $compile_id === null ? $this->compile_id : $compile_id;
        // already in template cache?         if ($this->allow_ambiguous_resources) {
            $_templateId = Smarty_Resource::getUniqueTemplateName($this$template) . $cache_id . $compile_id;
        } else {
            $_templateId = $this->joined_template_dir . '#' . $template . $cache_id . $compile_id;
        }
        if (isset($_templateId[150])) {
            $_templateId = sha1($_templateId);
        }
        if ($do_clone) {
            if (isset($this->template_objects[$_templateId])) {
                // return cached template object                 $tpl = clone $this->template_objects[$_templateId];
                $tpl->smarty = clone $tpl->smarty;
                $tpl->parent = $parent;
                $tpl->tpl_vars = array();
                $tpl->config_vars = array();
            } else {
                $tpl = new $this->template_class($templateclone $this$parent$cache_id$compile_id);
            }
if ($tpl->source->exists) {
                $uid = $tpl->source->uid;
            }
            
            // remove from template cache             if ($smarty->allow_ambiguous_resources) {
                $_templateId = $tpl->source->unique_resource . $tpl->cache_id . $tpl->compile_id;
            } else {
                $_templateId = $smarty->joined_template_dir . '#' . $resource_name . $tpl->cache_id . $tpl->compile_id;
            }
            if (isset($_templateId[150])) {
                $_templateId = sha1($_templateId);
            }
            unset($smarty->template_objects[$_templateId]);
        }
        return $uid;
    }

    /** * Sanitize CacheID components * * @param string $string CacheID component to sanitize * @return string sanitized CacheID component */
class Smarty_Internal_Resource_String extends Smarty_Resource {

    /** * populate Source Object with meta data from Resource * * @param Smarty_Template_Source $source source object * @param Smarty_Internal_Template $_template template object * @return void */
    public function populate(Smarty_Template_Source $source, Smarty_Internal_Template $_template=null)
    {
        $source->uid = $source->filepath = sha1($source->name);
        $source->timestamp = 0;
        $source->exists = true;
    }

    /** * Load template's source from $resource_name into current template object * * @uses decode() to decode base64 and urlencoded template_resources * @param Smarty_Template_Source $source source object * @return string template source */
    
$tpl = new $smarty->template_class($resource_name$smarty);
            $smarty->caching = $_save_stat;

            // remove from template cache             $tpl->source; // have the template registered before unset()             if ($smarty->allow_ambiguous_resources) {
                $_templateId = $tpl->source->unique_resource . $tpl->cache_id . $tpl->compile_id;
            } else {
                $_templateId = $smarty->joined_template_dir . '#' . $resource_name . $tpl->cache_id . $tpl->compile_id;
            }
            if (isset($_templateId[150])) {
                $_templateId = sha1($_templateId);
            }
            unset($smarty->template_objects[$_templateId]);

            if ($tpl->source->exists) {
                 $_resource_part_1 = basename(str_replace('^', '/', $tpl->compiled->filepath));
                 $_resource_part_1_length = strlen($_resource_part_1);
            } else {
                return 0;
            }

            $_resource_part_2 = str_replace('.php','.cache.php',$_resource_part_1);
            
return new UuidV3(self::format($uuid, '-3'));
    }

    final public static function v4(): UuidV4
    {
        return new UuidV4();
    }

    final public static function v5(self $namespace, string $name): UuidV5
    {
        // don't use uuid_generate_sha1(), some versions are buggy         $uuid = substr(sha1(hex2bin(str_replace('-', '', $namespace->uid)).$name, true), 0, 16);

        return new UuidV5(self::format($uuid, '-5'));
    }

    final public static function v6(): UuidV6
    {
        return new UuidV6();
    }

    final public static function v7(): UuidV7
    {
        
private function setContextCookie(Request $request, ShopContextInterface $context, Response $response): void
    {
        $hash = json_encode($context->getTaxRules()) . json_encode($context->getCurrentCustomerGroup());

        $hash = $this->eventManager->filter('Shopware_Plugins_HttpCache_ContextCookieValue', $hash[
            'shopContext' => $context,
            'session' => $this->session,
            'request' => $request,
            'response' => $response,
        ]);

        $response->setCookie('x-cache-context-hash', sha1($hash), 0, $request->getBasePath() . '/', null, $request->isSecure());
    }
}
case 'numeric':
                $max  = 10 ** $len - 1;
                $rand = random_int(0, $max);

                return sprintf('%0' . $len . 'd', $rand);

            case 'md5':
                return md5(uniqid((string) mt_rand(), true));

            case 'sha1':
                return sha1(uniqid((string) mt_rand(), true));

            case 'crypto':
                if ($len % 2 !== 0) {
                    throw new InvalidArgumentException(
                        'You must set an even number to the second parameter when you use `crypto`.'
                    );
                }

                return bin2hex(random_bytes($len / 2));
        }

        


        $value = (string) $value;
        if ('' === $value) {
            return;
        }

        if ('UTF-8' !== $this->charset) {
            $value = mb_convert_encoding($value, 'UTF-8', $this->charset);
        }

        $hash = strtoupper(sha1($value));
        $hashPrefix = substr($hash, 0, 5);
        $url = sprintf($this->endpoint, $hashPrefix);

        try {
            $result = $this->httpClient->request('GET', $url['headers' => ['Add-Padding' => 'true']])->getContent();
        } catch (ExceptionInterface $e) {
            if ($constraint->skipOnError) {
                return;
            }

            throw $e;
        }

    public function populate(Smarty_Template_Source $source, Smarty_Internal_Template $_template=null)
    {
        $source->filepath = $this->buildFilepath($source$_template);

        if ($source->filepath !== false) {
            if (is_object($source->smarty->security_policy)) {
                $source->smarty->security_policy->isTrustedResourceDir($source->filepath);
            }

            $source->uid = sha1($source->filepath);
            if ($source->smarty->compile_check) {
                $source->timestamp = @filemtime($source->filepath);
                $source->exists = !!$source->timestamp;
            }
        }
    }

    /** * populate Source Object with timestamp and exists from Resource * * @param Smarty_Template_Source $source source object * @return void */
$_compile_id = '';
        }
        $_cache_dir = $_template->smarty->getCacheDir();
        if ($_template->smarty->cache_locking) {
            // create locking file name             // relative file name?             if (!preg_match('/^([\/\\\\]|[a-zA-Z]:[\/\\\\])/', $_cache_dir)) {
                $_lock_dir = rtrim(getcwd(), '/\\') . DS . $_cache_dir;
            } else {
                $_lock_dir = $_cache_dir;
            }
            $cached->lock_id = $_lock_dir.sha1($_cache_id.$_compile_id.$_template->source->uid).'.lock';
        }
        $cached->filepath = $_cache_dir . $_cache_id . $_compile_id . $_filepath . '.' . basename($_source_file_path) . '.php';
        $cached->timestamp = @filemtime($cached->filepath);
        $cached->exists = !!$cached->timestamp;
    }

    /** * populate Cached Object with timestamp and exists from Resource * * @param Smarty_Template_Cached $cached cached object * @return void */
$customer = $this->customerRepository->search($criteria, Context::createDefaultContext())->first();

        $this->browser
            ->request(
                'POST',
                '/store-api/account/register-confirm',
                [],
                [],
                ['CONTENT_TYPE' => 'application/json'],
                json_encode([
                    'hash' => $customer->getHash(),
                    'em' => sha1('teg-reg@example.com'),
                ], \JSON_THROW_ON_ERROR)
            );

        static::assertSame(200, $this->browser->getResponse()->getStatusCode());

        $this->browser
            ->request(
                'POST',
                '/store-api/account/login',
                [],
                [],
                [


        $transport = self::createTransport(new MockHttpClient($responses));
        $transport->send($smsMessage);

        $body = $lastResponse->getRequestOptions()['body'];
        $headers = $lastResponse->getRequestOptions()['headers'];
        $signature = explode(': ', $headers[4])[1];

        $endpoint = 'https://eu.api.ovh.com/1.0/sms/serviceName/jobs';
        $toSign = 'applicationSecret+consumerKey+POST+'.$endpoint.'+'.$body.'+'.$time;
        $this->assertSame('$1$'.sha1($toSign)$signature);
    }

    public function testInvalidReceiver()
    {
        $smsMessage = new SmsMessage('invalid_receiver', 'lorem ipsum');

        $data = json_encode([
            'totalCreditsRemoved' => '1',
            'invalidReceivers' => ['invalid_receiver'],
            'ids' => [],
            'validReceivers' => [],
        ]);
/** @var string $revision */
        $revision = $container->getParameter('shopware.release.revision');

        $locale = $this->getCurrentLocale();
        $container->get('locale')->setLocale($locale->toString());
        $container->get('snippets')->setLocale($locale);
        $template = $container->get(Enlight_Template_Manager::class);
        $baseHash = $this->request->getScheme() . '://'
                  . $this->request->getHttpHost()
                  . $this->request->getBaseUrl() . '?'
                  . $revision;
        $baseHash = substr(sha1($baseHash), 0, 5);
        $template->setCompileId('backend_' . $locale->toString() . '_' . $baseHash);

        if ($this->action !== null && $this->action->View()->hasTemplate()) {
            $this->action->View()->Template()->setCompileId($template->getCompileId());
        }
    }

    /** * Loads current user's locale or, if none exists, the default fallback * * @throws Exception * * @return Locale */
protected function setUp(): void
    {
        $this->pool = $this->createMock(CacheItemPoolInterface::class);
        $this->storage = new CacheStorage($this->pool);
    }

    public function testSave()
    {
        $cacheItem = $this->createMock(CacheItemInterface::class);
        $cacheItem->expects($this->exactly(2))->method('expiresAfter')->with(10);

        $this->pool->expects($this->any())->method('getItem')->with(sha1('test'))->willReturn($cacheItem);
        $this->pool->expects($this->exactly(2))->method('save')->with($cacheItem);

        $window = new Window('test', 10, 20);
        $this->storage->save($window);

        $window = unserialize(serialize($window));
        $this->storage->save($window);
    }

    public function testFetchExistingState()
    {
        


        $value = (string) $value;
        if ('' === $value) {
            return;
        }

        if ('UTF-8' !== $this->charset) {
            $value = mb_convert_encoding($value, 'UTF-8', $this->charset);
        }

        $hash = strtoupper(sha1($value));
        $hashPrefix = substr($hash, 0, 5);
        $url = sprintf($this->endpoint, $hashPrefix);

        try {
            $result = $this->httpClient->request('GET', $url['headers' => ['Add-Padding' => 'true']])->getContent();
        } catch (ExceptionInterface $e) {
            if ($constraint->skipOnError) {
                return;
            }

            throw $e;
        }
Home | Imprint | This part of the site doesn't use cookies.