/**
* Hashes a string with salt and returns the hash. If an old previous hash
* is supplied the method will use the first X chars of that hash for hashing
- * the password. This is useful if you want to check if the password is
- * identical for authorization purposes.
+ * the password. This is useful if you want to check if password is identical
+ * for authorization purposes.
*
* @param $str Unhashed string
* @param $oldHash A hash from previous hashed string
// Get the real string out
$strArray = explode("|", $garbageString);
+
+ // Does the element count match?
+ assert(count($strArray) == 3);
+
+ // Decode the string
$str = base64_decode($strArray[1]);
// Trim trailing nulls away