<?php
$password = 'dupa123';
$salt = 'abcabcabcabcabcabcabca';
$cost = 12;
$hashWithManualSalt = password_hash($password, PASSWORD_BCRYPT, ['salt' => $salt, 'cost' => 12]);
$hashWithAutomaticSalt = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
echo 'deprecated way (should be valid): ', password_hash('dupa123', PASSWORD_BCRYPT, ['salt' => $salt, 'cost' => 12]) === $hashWithManualSalt ? 'valid' : 'invalid', PHP_EOL;
echo 'deprecated way (should be invalid): ', password_hash('dupa321', PASSWORD_BCRYPT, ['salt' => $salt, 'cost' => 12]) === $hashWithManualSalt ? 'valid' : 'invalid', PHP_EOL;
echo 'new way (should be valid): ', password_verify('dupa123', $hashWithAutomaticSalt) ? 'valid' : 'invalid', PHP_EOL;
echo 'new way (should be invalid): ', password_verify('dupa321', $hashWithAutomaticSalt) ? 'valid' : 'invalid', PHP_EOL;
preferences:
32.3 ms | 402 KiB | 5 Q