Method crypt_private
has 34 lines of code (exceeds 25 allowed). Consider refactoring. Open
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
$output = '*1';
Function HashPassword
has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring. Open
function HashPassword($password)
{
$random = '';
if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method HashPassword
has 27 lines of code (exceeds 25 allowed). Consider refactoring. Open
function HashPassword($password)
{
$random = '';
if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
Function crypt_private
has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring. Open
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
$output = '*1';
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function encode64
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
function encode64($input, $count)
{
$output = '';
$i = 0;
do {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
The method HashPassword() has a Cyclomatic Complexity of 10. The configured cyclomatic complexity threshold is 10. Open
function HashPassword($password)
{
$random = '';
if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
- Read upRead up
- Exclude checks
CyclomaticComplexity
Since: 0.1
Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.
Example
// Cyclomatic Complexity = 11
class Foo {
1 public function example() {
2 if ($a == $b) {
3 if ($a1 == $b1) {
fiddle();
4 } elseif ($a2 == $b2) {
fiddle();
} else {
fiddle();
}
5 } elseif ($c == $d) {
6 while ($c == $d) {
fiddle();
}
7 } elseif ($e == $f) {
8 for ($n = 0; $n < $h; $n++) {
fiddle();
}
} else {
switch ($z) {
9 case 1:
fiddle();
break;
10 case 2:
fiddle();
break;
11 case 3:
fiddle();
break;
default:
fiddle();
break;
}
}
}
}
Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity
The method crypt_private() has a Cyclomatic Complexity of 10. The configured cyclomatic complexity threshold is 10. Open
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
$output = '*1';
- Read upRead up
- Exclude checks
CyclomaticComplexity
Since: 0.1
Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.
Example
// Cyclomatic Complexity = 11
class Foo {
1 public function example() {
2 if ($a == $b) {
3 if ($a1 == $b1) {
fiddle();
4 } elseif ($a2 == $b2) {
fiddle();
} else {
fiddle();
}
5 } elseif ($c == $d) {
6 while ($c == $d) {
fiddle();
}
7 } elseif ($e == $f) {
8 for ($n = 0; $n < $h; $n++) {
fiddle();
}
} else {
switch ($z) {
9 case 1:
fiddle();
break;
10 case 2:
fiddle();
break;
11 case 3:
fiddle();
break;
default:
fiddle();
break;
}
}
}
}
Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity
Classes should not have a constructor method with the same name as the class Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
ConstructorWithNameAsEnclosingClass
Since: 0.2
A constructor method should not have the same name as the enclosing class, consider to use the PHP 5 __construct method.
Example
class MyClass {
// this is bad because it is PHP 4 style
public function MyClass() {}
// this is good because it is a PHP 5 constructor
public function __construct() {}
}
Source https://phpmd.org/rules/naming.html#constructorwithnameasenclosingclass
Remove error control operator '@' on line 52. Open
function get_random_bytes($count)
{
$output = '';
if (is_readable('/dev/urandom') &&
($fh = @fopen('/dev/urandom', 'rb'))) {
- Read upRead up
- Exclude checks
ErrorControlOperator
Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.
Example
function foo($filePath) {
$file = @fopen($filPath); // hides exceptions
$key = @$array[$notExistingKey]; // assigns null to $key
}
Source http://phpmd.org/rules/cleancode.html#errorcontroloperator
The method crypt_private uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
$hash = pack('H*', md5($salt . $password));
do {
$hash = pack('H*', md5($hash . $password));
} while (--$count);
- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}
Source https://phpmd.org/rules/cleancode.html#elseexpression
Avoid assigning values to variables in if clauses and the like (line '52', column '8'). Open
function get_random_bytes($count)
{
$output = '';
if (is_readable('/dev/urandom') &&
($fh = @fopen('/dev/urandom', 'rb'))) {
- Read upRead up
- Exclude checks
IfStatementAssignment
Since: 2.7.0
Assignments in if clauses and the like are considered a code smell. Assignments in PHP return the right operand as their result. In many cases, this is an expected behavior, but can lead to many difficult to spot bugs, especially when the right operand could result in zero, null or an empty string and the like.
Example
class Foo
{
public function bar($flag)
{
if ($foo = 'bar') { // possible typo
// ...
}
if ($baz = 0) { // always false
// ...
}
}
}
Source http://phpmd.org/rules/cleancode.html#ifstatementassignment
Each class must be in a namespace of at least one level (a top-level vendor name) Open
class PasswordHash {
- Exclude checks
The property $iteration_count_log2 is not named in camelCase. Open
class PasswordHash {
var $itoa64;
var $iteration_count_log2;
var $portable_hashes;
var $random_state;
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
The parameter $iteration_count_log2 is not named in camelCase. Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
CamelCaseParameterName
Since: 0.2
It is considered best practice to use the camelCase notation to name parameters.
Example
class ClassName {
public function doSomething($user_name) {
}
}
Source
Avoid variables with short names like $i. Configured minimum length is 3. Open
$i = 0;
- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}
Source https://phpmd.org/rules/naming.html#shortvariable
The parameter $stored_hash is not named in camelCase. Open
function CheckPassword($password, $stored_hash)
{
$hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] == '*')
$hash = crypt($password, $stored_hash);
- Read upRead up
- Exclude checks
CamelCaseParameterName
Since: 0.2
It is considered best practice to use the camelCase notation to name parameters.
Example
class ClassName {
public function doSomething($user_name) {
}
}
Source
The property $portable_hashes is not named in camelCase. Open
class PasswordHash {
var $itoa64;
var $iteration_count_log2;
var $portable_hashes;
var $random_state;
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
Avoid variables with short names like $fh. Configured minimum length is 3. Open
($fh = @fopen('/dev/urandom', 'rb'))) {
- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}
Source https://phpmd.org/rules/naming.html#shortvariable
The parameter $portable_hashes is not named in camelCase. Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
CamelCaseParameterName
Since: 0.2
It is considered best practice to use the camelCase notation to name parameters.
Example
class ClassName {
public function doSomething($user_name) {
}
}
Source
The property $random_state is not named in camelCase. Open
class PasswordHash {
var $itoa64;
var $iteration_count_log2;
var $portable_hashes;
var $random_state;
- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}
Source
Avoid variables with short names like $id. Configured minimum length is 3. Open
$id = substr($setting, 0, 3);
- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}
Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $c2. Configured minimum length is 3. Open
$c2 = ord($input[$i++]);
- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}
Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $i. Configured minimum length is 3. Open
$i = 0;
- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}
Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $c1. Configured minimum length is 3. Open
$c1 = ord($input[$i++]);
- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}
Source https://phpmd.org/rules/naming.html#shortvariable
Visibility must be declared on property "$itoa64" Open
var $itoa64;
- Exclude checks
Visibility must be declared on property "$portable_hashes" Open
var $portable_hashes;
- Exclude checks
Opening brace of a class must be on the line after the definition Open
class PasswordHash {
- Exclude checks
The var keyword must not be used to declare a property Open
var $portable_hashes;
- Exclude checks
Visibility must be declared on property "$iteration_count_log2" Open
var $iteration_count_log2;
- Exclude checks
Visibility must be declared on property "$random_state" Open
var $random_state;
- Exclude checks
The var keyword must not be used to declare a property Open
var $iteration_count_log2;
- Exclude checks
Method name "PasswordHash::PasswordHash" is not in camel caps format Open
function PasswordHash($iteration_count_log2, $portable_hashes)
- Exclude checks
Visibility must be declared on method "PasswordHash" Open
function PasswordHash($iteration_count_log2, $portable_hashes)
- Exclude checks
The var keyword must not be used to declare a property Open
var $itoa64;
- Exclude checks
The var keyword must not be used to declare a property Open
var $random_state;
- Exclude checks
TRUE, FALSE and NULL must be lowercase; expected "true" but found "TRUE" Open
$hash = md5($hash . $password, TRUE);
- Exclude checks
Method name "PasswordHash::gensalt_private" is not in camel caps format Open
function gensalt_private($input)
- Exclude checks
Visibility must be declared on method "crypt_private" Open
function crypt_private($password, $setting)
- Exclude checks
Visibility must be declared on method "gensalt_blowfish" Open
function gensalt_blowfish($input)
- Exclude checks
Visibility must be declared on method "gensalt_extended" Open
function gensalt_extended($input)
- Exclude checks
Method name "PasswordHash::gensalt_blowfish" is not in camel caps format Open
function gensalt_blowfish($input)
- Exclude checks
TRUE, FALSE and NULL must be lowercase; expected "true" but found "TRUE" Open
$hash = md5($salt . $password, TRUE);
- Exclude checks
Visibility must be declared on method "encode64" Open
function encode64($input, $count)
- Exclude checks
Visibility must be declared on method "HashPassword" Open
function HashPassword($password)
- Exclude checks
Method name "PasswordHash::gensalt_extended" is not in camel caps format Open
function gensalt_extended($input)
- Exclude checks
Visibility must be declared on method "get_random_bytes" Open
function get_random_bytes($count)
- Exclude checks
Visibility must be declared on method "gensalt_private" Open
function gensalt_private($input)
- Exclude checks
Method name "PasswordHash::crypt_private" is not in camel caps format Open
function crypt_private($password, $setting)
- Exclude checks
Method name "PasswordHash::HashPassword" is not in camel caps format Open
function HashPassword($password)
- Exclude checks
Method name "PasswordHash::get_random_bytes" is not in camel caps format Open
function get_random_bytes($count)
- Exclude checks
Visibility must be declared on method "CheckPassword" Open
function CheckPassword($password, $stored_hash)
- Exclude checks
Method name "PasswordHash::CheckPassword" is not in camel caps format Open
function CheckPassword($password, $stored_hash)
- Exclude checks
Inline control structures are not allowed Open
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Exclude checks
Inline control structures are not allowed Open
if (function_exists('getmypid'))
- Exclude checks
Inline control structures are not allowed Open
if ($i < $count)
- Exclude checks
Inline control structures are not allowed Open
if (strlen($salt) != 8)
- Exclude checks
Inline control structures are not allowed Open
if ($i++ >= $count)
- Exclude checks
Inline control structures are not allowed Open
if ($i++ >= $count)
- Exclude checks
Inline control structures are not allowed Open
if (substr($setting, 0, 2) == $output)
- Exclude checks
Inline control structures are not allowed Open
if ($id != '$P$' && $id != '$H$')
- Exclude checks
Inline control structures are not allowed Open
if ($count_log2 < 7 || $count_log2 > 30)
- Exclude checks
Inline control structures are not allowed Open
if ($i < $count)
- Exclude checks
Inline control structures are not allowed Open
if (strlen($random) < 3)
- Exclude checks
Inline control structures are not allowed Open
if (strlen($hash) == 60)
- Exclude checks
Inline control structures are not allowed Open
if (strlen($hash) == 34)
- Exclude checks
Inline control structures are not allowed Open
if (strlen($hash) == 20)
- Exclude checks
Inline control structures are not allowed Open
if (strlen($random) < 6)
- Exclude checks
Inline control structures are not allowed Open
if ($hash[0] == '*')
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 2 Open
var $random_state;
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 2 Open
{
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$this->iteration_count_log2 = $iteration_count_log2;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 6 Open
$this->random_state .= getmypid();
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$this->random_state = microtime();
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 2 Open
function PasswordHash($iteration_count_log2, $portable_hashes)
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$this->portable_hashes = $portable_hashes;
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 2 Open
var $iteration_count_log2;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
if (function_exists('getmypid'))
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 2 Open
var $itoa64;
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 2 Open
var $portable_hashes;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 2 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 6 Open
$iteration_count_log2 = 8;
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output .= $this->itoa64[$value & 0x3f];
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 6 Open
break;
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output .= $this->itoa64[($value >> 18) & 0x3f];
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 0 Open
{
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$c1 = ($c1 & 0x03) << 4;
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
} while (1);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
return $output;
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$hash =
- Exclude checks
Closing brace indented incorrectly; expected 4 spaces, found 2 Open
}
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
return $output;
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
if (PHP_VERSION >= '5') {
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= $this->itoa64[($count >> 12) & 0x3f];
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
function gensalt_blowfish($input)
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output .= $itoa64[$c1];
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$random = $this->get_random_bytes(16);
- Exclude checks
Line indented incorrectly; expected at least 16 spaces, found 6 Open
md5(microtime() . $this->random_state);
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
if ($i++ >= $count)
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 6 Open
$value |= ord($input[$i]) << 16;
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 2 Open
{
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 0 Open
{
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
do {
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= '$';
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$value = ord($input[$i++]);
- Exclude checks
Line indented incorrectly; expected 12 spaces, found 4 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
return $output;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$count_log2 = strpos($this->itoa64, $setting[3]);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$count = (1 << $count_log2) - 1;
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
do {
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$c1 = ($c2 & 0x0f) << 2;
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output = '';
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 6 Open
$value |= ord($input[$i]) << 8;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$salt = substr($setting, 4, 8);
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output = '$2a$';
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$c1 = ord($input[$i++]);
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output .= $itoa64[$c1 >> 2];
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output .= $itoa64[$c1];
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output .= $itoa64[$c2 & 0x3f];
- Exclude checks
Line indented incorrectly; expected at least 14 spaces, found 6 Open
$output = fread($fh, $count);
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output = '$P$';
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
if ($count_log2 < 7 || $count_log2 > 30)
- Exclude checks
Line indented incorrectly; expected 12 spaces, found 4 Open
} while (--$count);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= chr(ord('0') + $this->iteration_count_log2 / 10);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$random = '';
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 4 Open
if (is_readable('/dev/urandom') &&
- Exclude checks
Line indented incorrectly; expected 12 spaces, found 4 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
return $output;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
((PHP_VERSION >= '5') ? 5 : 3), 30)];
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
if ($id != '$P$' && $id != '$H$')
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
} else {
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$hash = pack('H*', md5($salt . $password));
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output = substr($setting, 0, 12);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output = '_';
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$c1 |= $c2 >> 6;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
return $output;
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
function gensalt_private($input)
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 2 Open
$output .= $this->encode64($input, 6);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output = '*0';
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
return $output;
- Exclude checks
Line indented incorrectly; expected at least 16 spaces, found 6 Open
$hash = md5($hash . $password, TRUE);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
return $output;
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
function encode64($input, $count)
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
function gensalt_extended($input)
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 6 Open
break;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
return $output;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$output = '*1';
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
if (strlen($salt) != 8)
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= $this->encode64($input, 3);
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$c2 = ord($input[$i++]);
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
if ($i < $count)
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$id = substr($setting, 0, 3);
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected at least 16 spaces, found 6 Open
break;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$output = '';
- Exclude checks
Line indented incorrectly; expected 12 spaces, found 4 Open
for ($i = 0; $i < $count; $i += 16) {
- Exclude checks
Line indented incorrectly; expected at least 16 spaces, found 6 Open
$this->random_state =
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
} while ($i < $count);
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 2 Open
return $output;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
if (substr($setting, 0, 2) == $output)
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$hash = md5($salt . $password, TRUE);
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 0 Open
{
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= $this->itoa64[($count >> 6) & 0x3f];
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$c1 |= $c2 >> 4;
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 0 Open
{
- Exclude checks
Line indented incorrectly; expected at least 16 spaces, found 6 Open
$output .=
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$count = 1 << $count_log2;
- Exclude checks
Line indented incorrectly; expected 12 spaces, found 4 Open
} while (--$count);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$itoa64 = './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$i = 0;
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
crypt($password, $this->gensalt_blowfish($random));
- Exclude checks
Line indented incorrectly; expected at least 14 spaces, found 4 Open
fclose($fh);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output = '';
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
if ($i < $count)
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
if ($i++ >= $count)
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 0 Open
{
- Exclude checks
Line indented incorrectly; expected at least 16 spaces, found 6 Open
$hash = pack('H*', md5($hash . $password));
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= chr(ord('0') + $this->iteration_count_log2 % 10);
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
function HashPassword($password)
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 2 Open
function get_random_bytes($count)
- Exclude checks
Closing brace indented incorrectly; expected 2 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$i = 0;
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output .= $this->itoa64[($value >> 6) & 0x3f];
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output .= $this->itoa64[($value >> 12) & 0x3f];
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
function crypt_private($password, $setting)
- Exclude checks
Line indented incorrectly; expected 12 spaces, found 4 Open
do {
- Exclude checks
Line indented incorrectly; expected 12 spaces, found 4 Open
do {
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= $this->encode64($hash, 16);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$count_log2 = min($this->iteration_count_log2 + 8, 24);
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$output = substr($output, 0, $count);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= $this->itoa64[($count >> 18) & 0x3f];
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 6 Open
($fh = @fopen('/dev/urandom', 'rb'))) {
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$c2 = ord($input[$i++]);
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
if (strlen($hash) == 60)
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
if (strlen($output) < $count) {
- Exclude checks
Line indented incorrectly; expected at least 16 spaces, found 6 Open
pack('H*', md5($this->random_state));
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 0 Open
{
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= $this->itoa64[min($this->iteration_count_log2 +
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$output .= $this->itoa64[$count & 0x3f];
- Exclude checks
Line indented incorrectly; expected 12 spaces, found 4 Open
if ($i >= 16) {
- Exclude checks
Line indented incorrectly; expected at least 16 spaces, found 6 Open
$output .= $itoa64[$c1];
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 2 Open
return '*';
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$hash = crypt($password, $stored_hash);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$random = $this->get_random_bytes(6);
- Exclude checks
Multi-line function call not indented correctly; expected 2 spaces but found 4 Open
$this->gensalt_private($random));
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$this->crypt_private($password,
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
return $hash;
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected at least 4 spaces, found 0 Open
{
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 6 Open
return $hash;
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
if (strlen($random) < 3)
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
function CheckPassword($password, $stored_hash)
- Exclude checks
Opening parenthesis of a multi-line function call must be the last content on the line Open
$this->crypt_private($password,
- Exclude checks
Closing parenthesis of a multi-line function call must be on a line by itself Open
$this->gensalt_private($random));
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
return $hash == $stored_hash;
- Exclude checks
Line indented incorrectly; expected 4 spaces, found 0 Open
}
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
}
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$hash = $this->crypt_private($password, $stored_hash);
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
if ($hash[0] == '*')
- Exclude checks
A closing tag is not permitted at the end of a PHP file Open
?>
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
crypt($password, $this->gensalt_extended($random));
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
$hash =
- Exclude checks
Line indented incorrectly; expected 8 spaces, found 2 Open
if (CRYPT_EXT_DES == 1 && !$this->portable_hashes) {
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
$hash =
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 4 Open
if (strlen($hash) == 20)
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 4 Open
$this->gensalt_private($random));
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 2 Open
if (strlen($hash) == 34)
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 6 Open
$random = $this->get_random_bytes(3);
- Exclude checks
Line indented incorrectly; expected at least 12 spaces, found 6 Open
return $hash;
- Exclude checks
Line indented incorrectly; expected at least 8 spaces, found 2 Open
if (strlen($random) < 6)
- Exclude checks
The variable $count_log2 is not named in camelCase. Open
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
$output = '*1';
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $stored_hash is not named in camelCase. Open
function CheckPassword($password, $stored_hash)
{
$hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] == '*')
$hash = crypt($password, $stored_hash);
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $iteration_count_log2 is not named in camelCase. Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $count_log2 is not named in camelCase. Open
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
$output = '*1';
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $stored_hash is not named in camelCase. Open
function CheckPassword($password, $stored_hash)
{
$hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] == '*')
$hash = crypt($password, $stored_hash);
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $portable_hashes is not named in camelCase. Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $count_log2 is not named in camelCase. Open
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
$output = '*1';
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $count_log2 is not named in camelCase. Open
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
$output = '*1';
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $iteration_count_log2 is not named in camelCase. Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $count_log2 is not named in camelCase. Open
function gensalt_extended($input)
{
$count_log2 = min($this->iteration_count_log2 + 8, 24);
# This should be odd to not reveal weak DES keys, and the
# maximum valid value is (2**24 - 1) which is odd anyway.
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $iteration_count_log2 is not named in camelCase. Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $iteration_count_log2 is not named in camelCase. Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $stored_hash is not named in camelCase. Open
function CheckPassword($password, $stored_hash)
{
$hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] == '*')
$hash = crypt($password, $stored_hash);
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The variable $count_log2 is not named in camelCase. Open
function gensalt_extended($input)
{
$count_log2 = min($this->iteration_count_log2 + 8, 24);
# This should be odd to not reveal weak DES keys, and the
# maximum valid value is (2**24 - 1) which is odd anyway.
- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}
Source
The method gensalt_blowfish is not named in camelCase. Open
function gensalt_blowfish($input)
{
# This one needs to use a different order of characters and a
# different encoding scheme from the one in encode64() above.
# We care because the last character in our encoded string will
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method HashPassword is not named in camelCase. Open
function HashPassword($password)
{
$random = '';
if (CRYPT_BLOWFISH == 1 && !$this->portable_hashes) {
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method crypt_private is not named in camelCase. Open
function crypt_private($password, $setting)
{
$output = '*0';
if (substr($setting, 0, 2) == $output)
$output = '*1';
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method PasswordHash is not named in camelCase. Open
function PasswordHash($iteration_count_log2, $portable_hashes)
{
$this->itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31)
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method get_random_bytes is not named in camelCase. Open
function get_random_bytes($count)
{
$output = '';
if (is_readable('/dev/urandom') &&
($fh = @fopen('/dev/urandom', 'rb'))) {
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method gensalt_private is not named in camelCase. Open
function gensalt_private($input)
{
$output = '$P$';
$output .= $this->itoa64[min($this->iteration_count_log2 +
((PHP_VERSION >= '5') ? 5 : 3), 30)];
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method gensalt_extended is not named in camelCase. Open
function gensalt_extended($input)
{
$count_log2 = min($this->iteration_count_log2 + 8, 24);
# This should be odd to not reveal weak DES keys, and the
# maximum valid value is (2**24 - 1) which is odd anyway.
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}
Source
The method CheckPassword is not named in camelCase. Open
function CheckPassword($password, $stored_hash)
{
$hash = $this->crypt_private($password, $stored_hash);
if ($hash[0] == '*')
$hash = crypt($password, $stored_hash);
- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}