* @return string A hash of the session token (a verifier).
*/
final private function hash_token( $token ) {
- return hash( 'sha256', $token );
+ // If ext/hash is not present, use sha1() instead.
+ if ( function_exists( 'hash' ) ) {
+ return hash( 'sha256', $token );
+ } else {
+ return sha1( $token );
+ }
}
/**