PHP Classes

File: class_password-example-test.php

Recommend this page to a friend!
  Classes of Sceptre   Quick And Easy Password Hashing   ???   Download  
File: ???
Role: Example script
Content type: text/plain
Description: interactive example
Class: Quick And Easy Password Hashing
Create and verify password hashes with SHA and MD5
Author: By
Last change:
Date: 13 years ago
Size: 3,478 bytes
 

Contents

Class file image Download
<?PHP
  //this example is a bit more complicated because it includse a bit of form logic
  //see the the other example for a simple explanation

  $password = '';
  $cypher = ( isset($_REQUEST['cypher']) ) ? $_REQUEST['cypher'] : '';
  $formhash = ( isset($_REQUEST['hash']) ) ? $_REQUEST['hash'] : null;
  if( isset($_REQUEST['password']) === true )
  {
    //this will hash the plain text password
    require_once 'class_password.php';
    $pwd = new Password();

    //* gen new hash *
    if( $formhash === null ) //only generate one hash for this example
    {
      $password = $_REQUEST['password']; //password provided by user
      $pwd->set_hash_rounds($cypher, 10000);
      $pwd->set_hash_type( $cypher );
      $formhash = $pwd->hash($password); //hash the password
      //$formhash now contains the hashed pw, store this value in your db since we need it
      //when the user wants to login again
      //I will output the hash into a textbox for this example.
    }
    //this will validate the stored hash against the entered plain thext password
    if( isset($_REQUEST['hash']) === true )
    {
      $db_hash = $_REQUEST['hash']; //retrieve previously generated hash.
      $password = $_REQUEST['password']; //password provided by user
      $pwd->set_hash_rounds($cypher, 10000);
      $pwd->set_hash_type( $cypher );
      $hash = $pwd->re_hash( $db_hash, $password ); //hash the entered password with the salt of db_hash
      //if the entered pw is correct then $hash and the hash from your db must match exactly ===
      if( $hash === $db_hash )
        echo '<h1>Valid password</h1>';
      else
        echo '<h1>Invalid password</h1>';
    }
  }
    ?>
<!DOCTYPE HTML>
<html lang="en">
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>class_password demo</title>
  </head>
  <body onload="document.forms[0].password.focus();">
    <div class="pw_test">
      <p>&nbsp;</p>
      <p>&nbsp;</p>
      <form method="post" name="login_form">
        <table class="center">
          <tr>
            <td>Please enter your password:</td>
            <td><input type="text" name="password" value="<?PHP echo $password; ?>" tabindex="1" size="30" required="required" /></td>
          </tr>
          <tr>
            <td>select a cypher</td>
            <td>
              <?PHP
                if( isset($_REQUEST['cypher']) )
                  echo '<input type="radio" name="cypher" checked="checked" value="'.$cypher.'" /> '.$cypher.'<br />';
                else{
                  echo '<input type="radio" name="cypher" value="sha512" /> sha512<br />
                        <input type="radio" name="cypher" value="sha256" /> sha256<br />
                        <input type="radio" name="cypher" value="md5" /> md5';
                }
                ?>
</td>
          </tr>
          </table>
          <?PHP
            if( $formhash !== null )
            {
              echo '<p>Your hash has been generated. Submit it again to validate it against your password.<br />';
              echo '<input type="text" name="hash" value="'.$formhash.'" size="100" /></p>';
            }
          ?>


        <p><input tabindex="3" name="Submit" value="Submit" type="submit" /></p>
        <p><a href="class_password-test.php">start over</a></p>
      </form>
    </div>
  </body>
</html>