Updated March 18, 2023
Introduction to Hashing Function in PHP
Hashing function in PHP is a special method pre-defined and used for indicating a string in the form of a definite value measured from the string’s characters. It is popular for its application as an encryption algorithm and as an index value representation for items in the database. The most commonly used types of hashing algorithm in the process of data encryption are SHA1() and MD5(). In PHP, the hashing function are of four different types, like Hash_equals, Hash_final, Hash_init and Hash_copy.
How does Hashing Function works?
PHP is a server-side programming language and its major role is it has to process the back-end functionality required for a particular application. In this process, authentication plays a vital role as vulnerabilities can exploit the data easily. One way of securing the data is to store it in the database in its original form but this could lead to a situation where the intruder/unauthorized person can take the data easily and it can be compromised. This situation can be easily handled by using Hashing functions.
Hash functions encrypt the data in its true form hence without changing its meaning. So, when a user enters the data in its true form the data will get encrypted in the backend and thus authentication and authorization of the data process happens. The most commonly used hash algorithms are md5 (), sha1 () and few hash functions. These algorithms are used by the developer to authenticate the data entered by the user is correct or not to proceed further with the process.
1. MD5()
This algorithm is one of the powerful hashing algorithms which calculates the md5 hash i.e. the hash of 16 or 32-character hexadecimal number of a particular string. This string passed will be converted into the encrypted hexadecimal form.
Syntax:
string md5 ($string, $getRawOutput)
The above syntax indicated the $string as the input string. The raw output is an optional input as the developer wants to convert it to 16 bit or 32 bit. If 16 bit has to enable it has to be set TRUE Boolean and passed to the function. If it is not set then the default of 32 bit is set automatically.
Example:
md5 (EduCBA, TRUE)
2. SHA1 ()
This algorithm is one of the powerful hashing algorithms which calculates the sha1 hash i.e. the hash of 20 character binary format or 40-character hexadecimal number of a particular string. This string passed will be converted into the encrypted hexadecimal form.
Syntax:
string sha1 ($string, $getRawOutput)
The above syntax indicated the $string as the input string. The raw output is an optional input as the developer wants it to be of 20 bit or 40 bit. If 20 bit has to enable it has to be set TRUE Boolean and passed to the function. If it is not set then the default of 40 bit is set automatically.
Example:
sha1 (EduCBA, TRUE)
Hashing Function in PHP
The below listed are few hashing functions used in PHP to encrypt/convert the data from original to hashed form.
1. Hash_equals
This function compares the two strings at the same time whether they are equal or not. This function returns TRUE when the strings are equal and FALSE if the strings are not equal. Both the arguments should be the same to compare the strings else it will immediately return false without even comparing strings alphabetically and sometimes the length of the string can also be revealed in case of timing attack.
2. Hash_final
This function returns a hash digest of the input string passed to this function. When the raw output set to TRUE then it gives raw binary data and when it is set to FALSE it gives a lowercase hexadecimal number. This function returns a calculated hexadecimal digest of the string as an output.
3. Hash_init
This function is used along with the hashing algorithms i.e. md5 (), sha (), etc. This function along with the hashing algorithms produces output to use with hash_update (), hash final (), etc. The output of the hash_init is stored in a string or variable and passed to any one of the functions.
4. Hash_copy
This function is used to copy the hashing context. The string passed as an input to the function is hashed by one of the algorithms used in hash_init() function and the corresponding output would be the hashed string which is passed to this function. This function returns a hashed form of the output given by the hash_init function.
Examples of Hashing Function in PHP
The following is a list of hashing function in PHP explained in detail,
Example #1
Code:
<?php
$c = hash_init("md5");
hash_update($c, "content");
$copy_c = hash_copy($c);
echo hash_final($c);
hash_update($copy_c, "content");
echo hash_final($copy_c), "\n";
?>
Output:
Example #2
Code:
<?php
$expected = crypt('leela123', '$2a$07$user$');
$right = crypt('leela123', '$2a$07$user$');
$wrong = crypt('leeeela233', '$2a$07$usedwrongstring$');
var_dump(hash_equals($expected, $right));
var_dump(hash_equals($expected, $wrong));
?>
Output:
Example #3
Code:
<?php
$hash = hash_init('sha1');
hash_update($hash, 'This is an example of PHP Hash function');
echo hash_final($hash);
?>
Output:
Conclusion
In this article, we discussed what is hashing and its various algorithms. Also, we discussed a few hashing functions used in PHP to encrypt the data to prevent malicious and vulnerable attacks. Because of these attacks, the data is not secure and loss of data occurs. So, the hashing technique was introduced so that there will be no loss of data and it will be secured by various attacks.
Recommended Articles
This is a guide to Hashing Functions in PHP. Here we discuss its working, syntax, and top 4 hashing function in PHP with examples and code implementation. You may also look at the following articles to learn more –