No hash being returned with PHP5.3.8

[bretrzaun]

Hello,
I just implemented this excellent library (thanks for creating it) a few days ago.

Now I got a report from a developer using PHP 5.3.8-ZS5.5.0 (cli) - which is perfectly matching the requirements - that password_hash returns false instead of a hash.

Seems like crypt() function reported a failure, but I have no clue how to find out why.
Testing the same against PHP 5.3.14 works without any problems.

Any idea ?

[ircmaxell]

Can you provide the output of php -v run from the command line (the complete version information).

Also, can you turn on all error reporting (if you haven't done so already) by doing error_reporting(-1), and then checking if any errors are thrown?

Thanks

Anthony

[bretrzaun]

PHP version output:
PHP 5.3.8-ZS5.5.0 (cli) (built: Aug 23 2011 09:15:05)
Copyright (coffee) 1997-2011 The PHP Group
Zend Engine v2.3.0, Copyright (coffee) 1998-2011 Zend Technologies
   with Zend Extension Manager v5.1, Copyright (coffee) 2003-2010, by Zend Technologies
   - with Zend Data Cache v4.0, Copyright (coffee) 2004-2010, by Zend Technologies [loaded] [licensed] [disabled]
   - with Zend Download Server v1.5.0, Copyright (coffee) 1998-2010 Zend Technologies Ltd., by Zend Technologies [loaded] [licensed] [disabled]
   - with Zend Job Queue v4.0, Copyright (coffee) 2004-2010, by Zend Technologies [loaded] [not licensed] [disabled]
   - with Zend Session Clustering v4.0, Copyright (coffee) 2004-2010, by Zend Technologies [loaded] [licensed] [disabled]
   - with Zend Utils v1.0, Copyright (coffee) 2004-2010, by Zend Technologies [loaded] [licensed] [enabled]
   - with Zend Optimizer+ v4.1, Copyright (coffee) 1999-2010, by Zend Technologies [loaded] [licensed] [disabled]
   - with Zend Code Tracing v1.0, Copyright (coffee) 2009-2010, by Zend Technologies [loaded] [not licensed] [disabled]
   - with Zend Monitor v4.1, Copyright (coffee) 1999-2010, by Zend Technologies [loaded] [licensed] [disabled]
   - with Zend Debugger v5.3, Copyright (coffee) 1999-2010, by Zend Technologies [loaded] [licensed] [enabled]
   - with Zend Page Cache v4.0, Copyright (coffee) 2004-2010, by Zend Technologies [loaded] [licensed] [disabled]

Error reporting shows no messages at all.

[ircmaxell]

Can you run version-test.php from your cli?

> php version-test.php

What does it output?

Additionally, if you manually run the following via a PHP file, can you post the results?

$hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG';
$test = crypt("password", $hash);
var_dump($hash);

[bretrzaun]

The output of version-test.php is:

Test for functionality of compat library: Fail

Your code example gave us:

string(60) "$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG"

[ircmaxell]

That's really weird. Can you try editing line 5 of version-test.php from:

$pass = $test == $hash;

To

$pass = $test === $hash;

I'm not sure what's happening

[simoncoggins]

@ircmaxell You asked him to var_dump($hash), didn't you mean $test?

[erdemece]

same thing is happening to me as well.

Test for functionality of compat library: Fail

[danez]

Can you try this snippet?

$hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG';
$test = crypt("password", $hash);
var_dump($test);

[sarciszewski]

A slightly more meaningful test, since it prints both $hash and $test:

$hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG';
$test = crypt("password", $hash);
var_dump(array($hash, $test));