Beispiel #1
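 /**
  * Creates the administrator account from the submitted installer form.
  *
  * Passes $_POST['admin_password'] and $_SESSION['encryption'] to
  * Security::build_salted_hash() and inserts one row into the prefixed
  * "users" table. Any exception sends the installer to step 6 with the
  * exception message.
  */
 public function processValues()
 {
     /**
      * security class is required
      * for building the user password and salt hashes.
      */
     // require_once: a repeated call must not load (and re-declare) the class file twice.
     require_once KOCH . 'Security/Security.php';
     // generate salted hash
     // NOTE(review): presumably $_SESSION['encryption'] names the hash algorithm - confirm.
     // If this is a single-pass salted digest, password_hash()/password_verify() is the
     // appropriate replacement for password storage.
     $hashArray = \Koch\Security\Security::build_salted_hash($_POST['admin_password'], $_SESSION['encryption']);
     /**
      * Insert admin user into the database.
      *
      * We are using a raw sql statement with bound variables passing it to Doctrine2.
      */
     try {
         // The table prefix is an SQL identifier and cannot be bound as a parameter,
         // so it is restricted to a conservative character set before concatenation.
         $prefix = isset($_SESSION['config']['database']['prefix'])
             ? $_SESSION['config']['database']['prefix']
             : '';
         if (!is_string($prefix) || preg_match('/\A[A-Za-z0-9_]*\z/', $prefix) !== 1) {
             throw new \InvalidArgumentException('Invalid database table prefix.');
         }
         $db = Helper::getDoctrineEntityManager()->getConnection();
         $raw_sql_query = 'INSERT INTO ' . $prefix . 'users
                         SET  email = :email,
                             nick = :nick,
                             passwordhash = :hash,
                             salt = :salt,
                             joined = :joined,
                             language = :language,
                             activated = :activated';
         $stmt = $db->prepare($raw_sql_query);
         // All values travel as bound parameters; none is interpolated into the SQL text.
         $params = array(
             'email' => $_POST['admin_email'],
             'nick' => $_POST['admin_name'],
             'hash' => $hashArray['hash'],
             'salt' => $hashArray['salt'],
             'joined' => time(),
             'language' => $_SESSION['admin_language'],
             'activated' => '1',
         );
         $stmt->execute($params);
     } catch (\Exception $e) {
         $this->setStep(6);
         // NOTE(review): driver messages can carry schema or connection details; if this
         // message is rendered to the installer user, consider logging it and showing a
         // generic text instead.
         $this->setErrormessage($e->getMessage());
     }
 }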
Beispiel #2
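 /**
  * Security::check_salted_hash() must accept a password hash that matches
  * the stored hash for the given salt and algorithm.
  *
  * The fixture uses MD5, which is not suitable for password storage in
  * production; it only pins the behaviour of the salted-hash helper.
  */
 public function testMethod_check_salted_hash()
 {
     // md5('admin'); from form input
     $passwordhash = '21232f297a57a5a743894a0e4a801fc3';
     // expected, from db
     $databasehash = '7ff3adfa18a8ad7f115e90ce2c44a0ec';
     // from db
     $salt = 'Sko5ie';
     $hash_algorithm = 'md5';
     // NOTE(review): whether check_salted_hash() compares with hash_equals() is not
     // visible here - confirm that the comparison is constant-time.
     $bool = \Koch\Security\Security::check_salted_hash($passwordhash, $databasehash, $salt, $hash_algorithm);
     // assertTrue()'s second parameter is the failure message, not an expected value.
     $this->assertTrue($bool);
 }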