diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index b5ed5542749..92afd4da700 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -1,8 +1,9 @@ * Copyright (C) 2008-2021 Regis Houssin * Copyright (C) 2020 Ferran Marcet - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -234,15 +235,15 @@ function dolDecrypt($chain, $key = '') * If constant MAIN_SECURITY_SALT is defined, we use it as a salt (used only if hashing algorithm is something else than 'password_hash'). * * @param string $chain String to hash - * @param string $type Type of hash: - * 'auto' or '0': will use MAIN_SECURITY_HASH_ALGO else md5 - * 'sha1' or '1': sha1 - * 'sha1md5' or '2': sha1md5 - * 'md5' or '3': md5 - * 'openldapxxx' or '4': for OpenLdap - * 'sha256' or '5': sha256 - * 'password_hash' or '6': password_hash - * Use 'md5' if hash is not needed for security purpose. For security need, prefer 'auto'. + * @param 'auto'|'0'|'sha1'|'1'|'sha1md5'|'2'|'md5'|'3'|'openldap'|'4'|'sha256'|'5'|'password_hash'|'6' $type Type of hash: + * 'auto' or '0': will use MAIN_SECURITY_HASH_ALGO else md5 + * 'sha1' or '1': sha1 + * 'sha1md5' or '2': sha1md5 + * 'md5' or '3': md5 + * 'openldapxxx' or '4': for OpenLdap + * 'sha256' or '5': sha256 + * 'password_hash' or '6': password_hash + * Use 'md5' if hash is not needed for security purpose. For security need, prefer 'auto'. * @param int $nosalt Do not include any salt * @param int $mode 0=Return encoded password, 1=Return array with encoding password + encoding algorithm * @return string|array{pass_encrypted:string,pass_encoding:string} Hash of string or array with pass_encrypted and pass_encoding