Password handling for php landing page Shared

Inside the controller: elseif(! $model- > validatePassword($data- > password))

<?php 

  

class XBaseModel extends CActiveRecord 
{ 
    /** 
     *  Detect user password  
     * 
     * @return boolean 
     */
    public function validatePassword ($password) 
    { 
        return $this->hashPassword($this->password) === $password; 
    } 

    /** 
     *  Password encryption  
     * @return string password 
     */
    public function hashPassword ($password) 
    { 
        return md5($password); 
    } 

} 

Or:

if ($user & & $user- > password == $user- > hashPassword($this- > password, $user- > salt)) {

public function validatePassword($password) { 
        return $this->hashPassword($password, $this->salt) === $this->password; 
    } 

 public function hashPassword($password, $salt) { 
        return md5(md5($password) . $salt); 
    } 

public function generateSalt() { 
$str = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; 
$len = strlen($str) - 1; 
$string = ''; 
for ($i = 0; $i < 6; $i++) { 
$string .= $str[mt_rand(0, $len)]; 
} 
return $string; 
} 

Or:

public function validatePassword($password) { 

        return $this->hashPassword($password,$this->salt)===$this->password; 
    } 

  
    public function hashPassword($password,$salt) 
    { 
        return md5($salt.$password); 
    } 

  
    protected function generateSalt() 
    { 
        return uniqid('',true); 
    } 

Note: if you have salt, the fields in the database should have salt.