<?PHP
//this example is a bit more complicated because it includse a bit of form logic
//see the the other example for a simple explanation
$password = '';
$cypher = ( isset($_REQUEST['cypher']) ) ? $_REQUEST['cypher'] : '';
$formhash = ( isset($_REQUEST['hash']) ) ? $_REQUEST['hash'] : null;
if( isset($_REQUEST['password']) === true )
{
//this will hash the plain text password
require_once 'class_password.php';
$pwd = new Password();
//* gen new hash *
if( $formhash === null ) //only generate one hash for this example
{
$password = $_REQUEST['password']; //password provided by user
$pwd->set_hash_rounds($cypher, 10000);
$pwd->set_hash_type( $cypher );
$formhash = $pwd->hash($password); //hash the password
//$formhash now contains the hashed pw, store this value in your db since we need it
//when the user wants to login again
//I will output the hash into a textbox for this example.
}
//this will validate the stored hash against the entered plain thext password
if( isset($_REQUEST['hash']) === true )
{
$db_hash = $_REQUEST['hash']; //retrieve previously generated hash.
$password = $_REQUEST['password']; //password provided by user
$pwd->set_hash_rounds($cypher, 10000);
$pwd->set_hash_type( $cypher );
$hash = $pwd->re_hash( $db_hash, $password ); //hash the entered password with the salt of db_hash
//if the entered pw is correct then $hash and the hash from your db must match exactly ===
if( $hash === $db_hash )
echo '<h1>Valid password</h1>';
else
echo '<h1>Invalid password</h1>';
}
}
?>
<!DOCTYPE HTML>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>class_password demo</title>
</head>
<body onload="document.forms[0].password.focus();">
<div class="pw_test">
<p> </p>
<p> </p>
<form method="post" name="login_form">
<table class="center">
<tr>
<td>Please enter your password:</td>
<td><input type="text" name="password" value="<?PHP echo $password; ?>" tabindex="1" size="30" required="required" /></td>
</tr>
<tr>
<td>select a cypher</td>
<td>
<?PHP
if( isset($_REQUEST['cypher']) )
echo '<input type="radio" name="cypher" checked="checked" value="'.$cypher.'" /> '.$cypher.'<br />';
else{
echo '<input type="radio" name="cypher" value="sha512" /> sha512<br />
<input type="radio" name="cypher" value="sha256" /> sha256<br />
<input type="radio" name="cypher" value="md5" /> md5';
}
?>
</td>
</tr>
</table>
<?PHP
if( $formhash !== null )
{
echo '<p>Your hash has been generated. Submit it again to validate it against your password.<br />';
echo '<input type="text" name="hash" value="'.$formhash.'" size="100" /></p>';
}
?>
<p><input tabindex="3" name="Submit" value="Submit" type="submit" /></p>
<p><a href="class_password-test.php">start over</a></p>
</form>
</div>
</body>
</html>
|