Testing if string is sha1 in PHP

Question

I\'m planning on storing the passwords as a sha1, so I need a way to validate that it is a sha1 at another point in my website. I was planning on using preg_match, but I do

Answer 1

Actually, you can use preg_match() to make sure it's a 40 characters hexadecimal string as such:

function is_sha1($str) {
    return (bool) preg_match('/^[0-9a-f]{40}$/i', $str);
}

To explain the pattern:

/        Opening Delimiter
^        Start Of String Anchor
[0-9a-f] Any of the following characters: 0123456789abcdef
{40}     Repeated 40 times
$        End Of String Anchor
/        Closing Delimiter
i        Modifier: Case-Insensitive Search

---

If you are trying to make sure that the sha1() hash matches the password the user provider, you simply rehash like this:

if($db_hash == sha1($user_provided_pass))
   echo "Password is correct!";