there is a more secure way.
I this is one of the hash algorithm if not the best
Your db is used to store the hashed pw. ANy problem with that?
If somebody does break into your db - then the passwords will be useless to them as they are hashed.
Even if they manage to get your php function for creating the hash as well, it would still be a mammoth task to get the original password. Mind you if a malicious user could get into your db and into your php code, your cooked anyway. Just that you may potentially, albeit inadvertently, given away users' passwords - and as many of us use the same ones for many different things - their emails accounts etc may be under threat, which means all those juicy messages congratulating them on joining this and that along with passwords, and so on will now be available too.
So ensure that your hashing technique is robust.
Do you pre-salt and post-salt with sufficient whacky character combinations?
Is your hash method (e.g. sha/haval/whirlpool etc) ridiculously unlikely to hit collisions?