How setCredentialTreatment works in Zend framework

Published 2019-06-04 02:36

Question:

Can anyone tell me what is the use of following statement and how it works in Zend Framework?

    setCredentialTreatment('SHA1(CONCAT(?,salt))');

Answer 1:

Try like this:

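    $auth = Zend_Auth::getInstance();
    // Constructor arguments: DB adapter, table name, identity column,
    // credential column, credential treatment.
    $authAdapter = new Zend_Auth_Adapter_DbTable(
        Zend_Db_Table::getDefaultAdapter(),
        'users',
        'username',
        'password',
        // The ? placeholder is replaced by the supplied password.
        "CONCAT('$this->_salt', sha(?))"
    );
    $authAdapter->setIdentity($username)
        ->setCredential($password);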


Answer 2:

setCredentialTreatment tells the auth adapter how to check the user-supplied password against the one in the database (or whatever passwords are being checked against). In your example, the ? is the placeholder representing the password, and CONCAT() and SHA1() are both database functions. So this example will append the salt to the user-entered password and then hash them using SHA1.

This will result in a database query that looks similar to this:

    SELECT id FROM users WHERE email = 'user@example.com' AND password = SHA1(CONCAT('password',salt))

You use setCredentialTreatment() to change how the passwords are checked. For example, if your passwords are just straight MD5 hashes, you'd instead use:

    setCredentialTreatment('MD5(?)');
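How the treatment string from the question is evaluated per row, as an added example that is not part of the original answers or of Zend Framework: Python's sqlite3 stands in for MySQL, with SHA1 and CONCAT registered to mimic the MySQL functions. The helpers `open_db`, `add_user` and `authenticate`, the table layout and the sample users are constructed for illustration, and this sketch binds identity and credential as query parameters.

```python
import hashlib
import sqlite3

TREATMENT = "SHA1(CONCAT(?,salt))"  # treatment string from the question


def _sha1(value):
    # MySQL's SHA1() returns NULL for NULL input and a hex digest otherwise.
    return None if value is None else hashlib.sha1(value.encode()).hexdigest()


def _concat(*parts):
    # MySQL's CONCAT() returns NULL if any argument is NULL.
    return None if None in parts else "".join(parts)


def open_db():
    """In-memory SQLite database standing in for MySQL (assumption)."""
    db = sqlite3.connect(":memory:")
    db.create_function("SHA1", 1, _sha1)
    db.create_function("CONCAT", -1, _concat)
    db.execute("CREATE TABLE users (email TEXT PRIMARY KEY, password TEXT, salt TEXT)")
    return db


def add_user(db, email, password, salt):
    """Store the hash in the form the treatment recomputes: sha1(password + salt)."""
    db.execute("INSERT INTO users VALUES (?, ?, ?)",
               (email, _sha1(password + salt), salt))


def authenticate(db, email, password, treatment=TREATMENT):
    """Emulate the check: `salt` in the treatment is a column of the matched
    row, and ? receives the supplied password. The treatment text becomes
    part of the SQL, so it must be a fixed developer-written string."""
    sql = f"SELECT 1 FROM users WHERE email = ? AND password = {treatment}"
    return db.execute(sql, (email, password)).fetchone() is not None


if __name__ == "__main__":
    db = open_db()
    # Constructed sample users: same password, different per-row salts.
    add_user(db, "user@example.com", "password", "s1")
    add_user(db, "other@example.com", "password", "s2")
    print(authenticate(db, "user@example.com", "password"))
    print(authenticate(db, "user@example.com", "wrong"))
```

Salted SHA-1 and plain MD5 are fast hashes and are no longer considered adequate for password storage; slow algorithms such as bcrypt are verified in application code rather than through a SQL credential treatment.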