lithium\security\Password::check()

public static method

Compares a password and its hashed value using PHP's crypt(). Rather than a simple string comparison, this method uses a constant-time algorithm to defend against timing attacks.

Parameters

  • string $password

    The user-supplied plaintext password to check.

  • string $hash

    The known hashed password to compare it to.

Returns

boolean

Returns a boolean indicating whether the password is correct.

Source

	public static function check($password, $hash) {
		return Hash::compare($hash, crypt($password, $hash));
	}