php sha1 function returning wrong value

[eluser]J Maxwell[/eluser]
Ok,

It must be the time of night or something, but why would calling sha1 on the same string in two different places produce different values?

In my user library, calling

sha1('steve') gives da39a3ee5e6b4b0d3255bfef95601890afd80709

but if I calculate it in a controller it is giving

sha1('steve') gives 9ce5770b3bb4b2a1d59be2d97e34379cd192299f



Now, call me daft, but I thought that the point of sha1 is that it is reproduceable? This is the same server, calling php's native function, not through the encrypt feature of CI.

Anyone got any ideas?

John

[eluser]J Maxwell[/eluser]
In fact sha1 called in the library gives me the same hash whatever I pass to it. Errrrr?

[eluser]WanWizard[/eluser]
That's odd.

Code:

echo sha1('steve'),'<br />';
echo sha1('john');

gives me

Code:

9ce5770b3bb4b2a1d59be2d97e34379cd192299f
a51dda7c7ff50b61eaea0444371f4a6a9301e501

[eluser]J Maxwell[/eluser]
I couldn't make it work for the life of me - I have no idea why it was hanging like that, but I found an easy and much more secure way around it.

SHA1 is ok, but it is nowhere near as secure as Whirlpool - which gives a 512bit digest and seems to work fine to me. The downside is its a little more CPU heavy, and it needs 128 chars in the database so tables get a bit larger. However, since SHA1 seems to experience collisions in 2^69, and whirlpool is good for 2^120, I figure its a good upgrade.

Code:

$hashed = hash( 'whirlpool', $password.$this->_get_salt() );

John