I've been using portable PHP password hashing framework to hash password these days. I was wondering if it is safe the directly pass $_POST['password'] into CheckPassword method?
// get hashed password from database
$pwHash = new PasswordHash(8, FALSE);
$isMatch = $pwHash->CheckPassword($_POST['password'], $hasedPassword);