
Ørjan Langbakk - 2014-07-12 14:20:43
Well... this is basically done just as easily with the built-in PDO-class (albeit error handling via the normal PDO-class is a bit shoddy, but I can't see that you've done anything with error-handling anyway).
Besides, the hashing-function is severely outdated - if you wanted to keep using a hash for backwards compatibility, I suggest checking for different availability of certain functions, like crypt(), or password_hash().
The implementation of the hashing algorithm you've provided in the class is not secure (anymore), albeit not the worst I've ever seen.
However, the built-in functionality in this class, like password hashing and validation, doesn't really belong in a DB-class - it belongs in a security or user-class, more.
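
The availability check suggested in the comment above, sketched as an added example (not code from the reviewed class or from the commenter). `PasswordHasher` and the `$legacyVerify` callback are hypothetical names; the class's old hashing scheme is not shown on this page, so it is passed in as a callback, and the fallback path assumes the OpenSSL extension is loaded.

```php
<?php
// Added example. PasswordHasher and $legacyVerify are hypothetical names.
final class PasswordHasher
{
    private $legacyVerify; // callable($password, $stored): bool for old hashes

    public function __construct($legacyVerify = null) { $this->legacyVerify = $legacyVerify; }

    public function hash($password)
    {
        if (function_exists('password_hash')) {       // PHP >= 5.5
            return password_hash($password, PASSWORD_DEFAULT);
        }
        // Fallback: bcrypt via crypt(); the "$2y$" prefix needs PHP >= 5.3.7.
        $salt = substr(strtr(base64_encode(openssl_random_pseudo_bytes(16)), '+', '.'), 0, 22);
        $hash = crypt($password, '$2y$10$' . $salt);
        if (!is_string($hash) || strlen($hash) !== 60) {
            throw new RuntimeException('crypt() has no bcrypt support');
        }
        return $hash;
    }

    public function verify($password, $stored)
    {
        if (function_exists('password_verify')) {
            $info = password_get_info($stored);
            if (!empty($info['algo'])) {               // a password_hash() format
                return password_verify($password, $stored);
            }
        } elseif (strpos($stored, '$2y$') === 0) {
            return $this->sameString(crypt($password, $stored), $stored);
        }
        // Anything else is assumed to be a hash from the old scheme.
        return $this->legacyVerify !== null
            && (bool) call_user_func($this->legacyVerify, $password, $stored);
    }
    public function needsRehash($stored)               // true for old-scheme hashes
    {
        return function_exists('password_needs_rehash')
            ? password_needs_rehash($stored, PASSWORD_DEFAULT)
            : strpos($stored, '$2y$10$') !== 0;
    }
    private function sameString($a, $b)                // constant-time compare
    {
        $diff = strlen($a) ^ strlen($b);
        for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++) {
            $diff |= ord($a[$i]) ^ ord($b[$i]);
        }
        return $diff === 0;
    }
}
```

After a successful `verify()` at login, a stored value for which `needsRehash()` returns true can be replaced with `hash($password)`, which migrates old hashes without a forced reset.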