[Pikami]

i'm working with it for 1 year now and for now it's okay. But i have my own "hash" function so if double md5 with salt fails i will switch to my hash function

This beyond stupid.
MD5 was peer reviewed and looked over by tons of security experts, yet it was still broken.
Your own algorithm is probably not as advanced as MD5, and is a major security hole.

Use bcrypt or something ffs

Would agree with that being beyond stupid


Is this a good solution @'ender'?

Code:

function hashPassword($password, $salt){
   $secretkey = 'A long key that is in code. Over 1000 chars';
   
   //Amount of iterations
   $iterations = 100;
   $hash = hash('sha512', $salt . $password . $secretkey);

   for($i = 0; i < $iterations-1; $i++) {
       $hash = hash('sha512', $salt . $hash . $secretkey);
   }
   return $hash;
}
function checkPassword($password, $hashedPassword, $salt){
   //Hashes the password for comparing to the hashedPassword in the db
   $hash = hashPassword($password, $salt);

   //Sleep to prevent a timing attack
   usleep(random_int(100,1000));
   if($hash === $hashedPassword){
       return true;
   }
   return false;
}

This is not a good solution.
Use BCRYPT man