3v4l.org

run code in 300+ PHP versions simultaneously
<?php $userId = '7788990011223344551'; $short_username = 'zerocool95'; $long_username = 'zerocool95-Y3Jhc2ggb3ZlcnJpZGUgaXMgcmVhbGx5IHplcm8gY29vbA'; $password = 'Mess with the best, die like the rest.'; echo "Using short username\n"; $combined = $userId . $short_username . $password; $hash = password_hash( $combined, PASSWORD_BCRYPT, [ 'cost' => 12 ] ); echo $hash . "\n"; if ( password_verify( $combined, $hash ) ) { echo "Correct user id, username, password combination\n"; } else { echo "Incorrect combination\n"; } $bad_combination = $userId . $short_username . 'not-my-password'; if ( password_verify( $bad_combination, $hash ) ) { echo "Correct user id, username, password combination\n"; } else { echo "Incorrect combination\n"; } // Output // $2y$12$OSlXjZirMYlaKtXqMTr1uePNIEEsxS4sDQHCpfg.vC/Aw9SBaEvBS // Correct user id, username, password combination // Incorrect combination echo "\n---\n"; // Now try it with the long, 52+ characters, username echo "Using LONG short username\n"; $combined = $userId . $long_username . $password; $hash = password_hash( $combined, PASSWORD_BCRYPT, [ 'cost' => 12 ] ); echo $hash . "\n"; if ( password_verify( $combined, $hash ) ) { echo "Correct user id, username, password combination\n"; } else { echo "Incorrect combination\n"; } $bad_combination = $userId . $long_username . 'not-my-password'; if ( password_verify( $bad_combination, $hash ) ) { echo "Correct user id, username, password combination\n"; } else { echo "Incorrect combination\n"; } // Output // $2y$12$p2xn6C0duRrnpjFQWTBCJe7hjlIq0GZHwmwRdAUgeOD30a5T85V/G // Correct user id, username, password combination // Correct user id, username, password combination
Finding entry points
Branch analysis from position: 0
2 jumps found. (Code = 43) Position 1 = 21, Position 2 = 23
Branch analysis from position: 21
1 jumps found. (Code = 42) Position 1 = 24
Branch analysis from position: 24
2 jumps found. (Code = 43) Position 1 = 32, Position 2 = 34
Branch analysis from position: 32
1 jumps found. (Code = 42) Position 1 = 35
Branch analysis from position: 35
2 jumps found. (Code = 43) Position 1 = 53, Position 2 = 55
Branch analysis from position: 53
1 jumps found. (Code = 42) Position 1 = 56
Branch analysis from position: 56
2 jumps found. (Code = 43) Position 1 = 64, Position 2 = 66
Branch analysis from position: 64
1 jumps found. (Code = 42) Position 1 = 67
Branch analysis from position: 67
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 66
1 jumps found. (Code = 62) Position 1 = -2
Branch analysis from position: 55
2 jumps found. (Code = 43) Position 1 = 64, Position 2 = 66
Branch analysis from position: 64
Branch analysis from position: 66
Branch analysis from position: 34
2 jumps found. (Code = 43) Position 1 = 53, Position 2 = 55
Branch analysis from position: 53
Branch analysis from position: 55
Branch analysis from position: 23
2 jumps found. (Code = 43) Position 1 = 32, Position 2 = 34
Branch analysis from position: 32
Branch analysis from position: 34
filename:       /in/b3Plj
function name:  (null)
number of ops:  68
compiled vars:  !0 = $userId, !1 = $short_username, !2 = $long_username, !3 = $password, !4 = $combined, !5 = $hash, !6 = $bad_combination
line      #* E I O op                           fetch          ext  return  operands
-------------------------------------------------------------------------------------
    3     0  E >   ASSIGN                                                   !0, '7788990011223344551'
    4     1        ASSIGN                                                   !1, 'zerocool95'
    5     2        ASSIGN                                                   !2, 'zerocool95-Y3Jhc2ggb3ZlcnJpZGUgaXMgcmVhbGx5IHplcm8gY29vbA'
    6     3        ASSIGN                                                   !3, 'Mess+with+the+best%2C+die+like+the+rest.'
    8     4        ECHO                                                     'Using+short+username%0A'
    9     5        CONCAT                                           ~11     !0, !1
          6        CONCAT                                           ~12     ~11, !3
          7        ASSIGN                                                   !4, ~12
   11     8        INIT_FCALL                                               'password_hash'
   12     9        SEND_VAR                                                 !4
   13    10        SEND_VAL                                                 '2y'
   15    11        SEND_VAL                                                 <array>
   11    12        DO_ICALL                                         $14     
         13        ASSIGN                                                   !5, $14
   19    14        CONCAT                                           ~16     !5, '%0A'
         15        ECHO                                                     ~16
   21    16        INIT_FCALL                                               'password_verify'
         17        SEND_VAR                                                 !4
         18        SEND_VAR                                                 !5
         19        DO_ICALL                                         $17     
         20      > JMPZ                                                     $17, ->23
   22    21    >   ECHO                                                     'Correct+user+id%2C+username%2C+password+combination%0A'
   21    22      > JMP                                                      ->24
   24    23    >   ECHO                                                     'Incorrect+combination%0A'
   27    24    >   CONCAT                                           ~18     !0, !1
         25        CONCAT                                           ~19     ~18, 'not-my-password'
         26        ASSIGN                                                   !6, ~19
   28    27        INIT_FCALL                                               'password_verify'
         28        SEND_VAR                                                 !6
         29        SEND_VAR                                                 !5
         30        DO_ICALL                                         $21     
         31      > JMPZ                                                     $21, ->34
   29    32    >   ECHO                                                     'Correct+user+id%2C+username%2C+password+combination%0A'
   28    33      > JMP                                                      ->35
   31    34    >   ECHO                                                     'Incorrect+combination%0A'
   40    35    >   ECHO                                                     '%0A---%0A'
   44    36        ECHO                                                     'Using+LONG+short+username%0A'
   45    37        CONCAT                                           ~22     !0, !2
         38        CONCAT                                           ~23     ~22, !3
         39        ASSIGN                                                   !4, ~23
   47    40        INIT_FCALL                                               'password_hash'
   48    41        SEND_VAR                                                 !4
   49    42        SEND_VAL                                                 '2y'
   51    43        SEND_VAL                                                 <array>
   47    44        DO_ICALL                                         $25     
         45        ASSIGN                                                   !5, $25
   55    46        CONCAT                                           ~27     !5, '%0A'
         47        ECHO                                                     ~27
   57    48        INIT_FCALL                                               'password_verify'
         49        SEND_VAR                                                 !4
         50        SEND_VAR                                                 !5
         51        DO_ICALL                                         $28     
         52      > JMPZ                                                     $28, ->55
   58    53    >   ECHO                                                     'Correct+user+id%2C+username%2C+password+combination%0A'
   57    54      > JMP                                                      ->56
   60    55    >   ECHO                                                     'Incorrect+combination%0A'
   63    56    >   CONCAT                                           ~29     !0, !2
         57        CONCAT                                           ~30     ~29, 'not-my-password'
         58        ASSIGN                                                   !6, ~30
   64    59        INIT_FCALL                                               'password_verify'
         60        SEND_VAR                                                 !6
         61        SEND_VAR                                                 !5
         62        DO_ICALL                                         $32     
         63      > JMPZ                                                     $32, ->66
   65    64    >   ECHO                                                     'Correct+user+id%2C+username%2C+password+combination%0A'
   64    65      > JMP                                                      ->67
   67    66    >   ECHO                                                     'Incorrect+combination%0A'
   73    67    > > RETURN                                                   1

Generated using Vulcan Logic Dumper, using php 8.0.0


preferences:
144.97 ms | 1465 KiB | 15 Q