Database and File Salt for Zend_Auth

Question

In my application I have a table row salt, and a static salt set in my Zend_Registry. I'm trying to both, without having to write my own Auth_Adapter. Here's what I have right now for just one salting method.

$adapter->setCredentialTreatment("SHA1(CONCAT(?, salt))");
$adapter->setCredential($values['password']);

Is this possible, or do I have to write an entire adapter for this?

Note that using CONCAT() & SHA1() functions could break if you change database (SHA1 is not natively available in SQLite) then I'll advise you to do it purely in PHP. — Boris Guéry, Feb 03 '11 at 00:48

score 0 · Accepted Answer · answered Feb 03 '11 at 00:41

0

Just add another item to the CONCAT function.

$staticSalt = Zend_Registry::get('static_salt');
$treatment = "SHA1(CONCAT(?, salt, '" . $staticSalt . "'))";
$adapter->setCredentialTreatment($treatment);
$adapter->setCredential($values['password']);

answered Feb 03 '11 at 00:41

satrun77

3,202
17
20

I could have sworn I tried this, but it worked now. Thanks for this! – tcole Feb 03 '11 at 17:24

Database and File Salt for Zend_Auth

1 Answers1