1.2.317. Crypto Usage¶
Usage of cryptography and hashes functions.
The functions listed are the native PHP functions, and do not belong to a specific extension, like OpenSSL, mcrypt or mhash.
Cryptography and hashes are mainly used for storing sensitive data, such as passwords, or to verify authenticity of data. They may also be used for name-randomization with cache.
<?php
if (md5($_POST['password']) === $row['password_hash']) {
user_login($user);
} else {
error('Wrong password');
}
?>
See also Cryptography Extensions.
1.2.317.1. Specs¶
Short name |
Php/CryptoUsage |
Rulesets |
|
Exakat since |
1.0.4 |
PHP Version |
All |
Severity |
|
Time To Fix |
|
Precision |
Very high |
Features |
crypto |
Available in |