3v4l.org

run code in 300+ PHP versions simultaneously
<?php $pw = "\x00\x30"; $hash = password_hash($pw, PASSWORD_DEFAULT); assert(password_verify(password: 'wrong', hash: $hash) === false, 'Incorect password should not verify'); assert(password_verify(password: '', hash: $hash) === false, 'Blank password should not verify'); assert(password_verify(password: $pw, hash: $hash) === true, 'Correct password should verify'); assert(password_verify(password: strrev($pw), hash: $hash) === false, 'Reversed correct password not should verify');
Output for 8.2.18 - 8.2.28, 8.3.5 - 8.3.21, 8.4.1 - 8.4.7
Fatal error: Uncaught ValueError: Bcrypt password must not contain null character in /in/Z0pcl:5 Stack trace: #0 /in/Z0pcl(5): password_hash(Object(SensitiveParameterValue), '2y') #1 {main} thrown in /in/Z0pcl on line 5
Process exited with code 255.
Output for 8.0.0, 8.1.0 - 8.1.27, 8.2.0 - 8.2.17, 8.3.0 - 8.3.4
Fatal error: Uncaught AssertionError: Blank password should not verify in /in/Z0pcl:8 Stack trace: #0 /in/Z0pcl(8): assert(false, 'Blank password ...') #1 {main} thrown in /in/Z0pcl on line 8
Process exited with code 255.
Output for 8.1.28 - 8.1.32
Fatal error: Uncaught ValueError: Bcrypt password must not contain null character in /in/Z0pcl:5 Stack trace: #0 /in/Z0pcl(5): password_hash('\x000', '2y') #1 {main} thrown in /in/Z0pcl on line 5
Process exited with code 255.
preferences:
56.9 ms | 408 KiB | 5 Q