The function hash_pbkdf2()
will be introduced in PHP version 5.5, so i suspect that your installed PHP version does not yet support this function. Before you call the function, you test whether BCrypt is defined, but the function hash_pbkdf2()
(password-based-key-derivation-function) has nothing to do with BCrypt.
It is recommended to hash passwords with BCrypt though, in PHP version 5.5 you can do it with password_hash()
instead. There also exist a compatibility pack for earlier versions.
// Hash a new password for storing in the database.
// The function automatically generates a cryptographically safe salt.
$hashToStoreInDb = password_hash($password, PASSWORD_BCRYPT);
// Check if the hash of the entered login password, matches the stored hash.
// The salt and the cost factor will be extracted from $existingHashFromDb.
$isPasswordCorrect = password_verify($password, $existingHashFromDb);