Install compatibility library for us with php

Question

I have been reading up on password encrypting, hashing etc.

I saw this fantastic response https://stackoverflow.com/a/6337021/2823458 and have a couple of questions:

First: Do I need to have access to my web server root to install compatibility libraries? (I assume I do but only have access to PHP 5.3.12 through my host and want to use $password_hash to hash using bcrypt). Which brings me to:

Second: If I have to be root on web server (not happening!) then would I just include Andrew's bcrypt class ad refer to it using (to quote):

$bcrypt = new Bcrypt(15);

$hash = $bcrypt->hash('password');
$isGood = $bcrypt->verify('password', $hash);

Obviously using my password variable in place of 'password'?

Clearly I'm pretty new to developing PHP and trying to ask the right people the right questions, If I'm miles off please point me in the right direction!

Answer 1

bcrypt is not available for PHP 5.3.x. You need to use the library from ex. https://github.com/ircmaxell/password_compat

You don't need to install anything on the server and you don't need to have root access. Just install the package and start using the library :)

You can either use https://getcomposer.org (Dependency Manager for PHP) or just download and include it in your project.

When you upgrade your server to php 5.5 you can use crypt out of the box, as it has been implemented as part of the language.