/**
* Test that false is returned when the hashes are different lengths
*/
public function testHashEqualsDifferentLength()
{
$hash = sha1(mt_rand());
$this->assertFalse(Gatekeeper::hash_equals($hash, md5(mt_rand())));
}
/**
* Check the given code against he value in the database
*
* @param string $resetCode Reset code to verify
* @return boolean Pass/fail of verification
*/
public function checkResetPasswordCode($resetCode)
{
// Verify we have a user
if ($this->id === null) {
return false;
}
if ($this->resetCode === null) {
throw new Exception\PasswordResetInvalid('No reset code defined for user ' . $this->username);
}
// Verify the timeout
$timeout = new \DateTime($this->resetCodeTimeout);
if ($timeout <= new \DateTime()) {
$this->clearPasswordResetCode();
throw new Exception\PasswordResetTimeout('Reset code has timeed out!');
}
// We made it this far, compare the hashes
$result = Gatekeeper::hash_equals($this->resetCode, $resetCode);
if ($result === true) {
$this->clearPasswordResetCode();
}
return $result;
}
