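/**
 * Creates the initial admin user from the submitted installer form.
 *
 * Reads admin_password, admin_email and admin_name from $_POST, and the
 * encryption setting, database table prefix and admin language from $_SESSION.
 * Any exception raised while inserting is caught: the method then calls
 * setStep(6) and stores the exception message via setErrormessage().
 *
 * @return void
 */
public function processValues()
{
    // The Security class builds the password hash and its salt.
    // require_once avoids a fatal redeclaration if the file was already loaded.
    require_once KOCH . 'Security/Security.php';

    // Generate the salted hash.
    // NOTE(review): the algorithm is selected by $_SESSION['encryption']; if that can be
    // a fast digest (md5/sha1), prefer password_hash() for new installs. Confirm against
    // Security::build_salted_hash().
    $hashArray = \Koch\Security\Security::build_salted_hash(
        $_POST['admin_password'],
        $_SESSION['encryption']
    );

    /**
     * Insert admin user into the database.
     *
     * We are using a raw sql statement with bound variables passing it to Doctrine2.
     */
    try {
        // The table prefix is concatenated into the statement because identifiers cannot
        // be bound as parameters. Restrict it to plain identifier characters so a crafted
        // prefix cannot change the structure of the query.
        $prefix = (string) $_SESSION['config']['database']['prefix'];
        if (preg_match('/\A[A-Za-z0-9_]*\z/', $prefix) !== 1) {
            throw new \InvalidArgumentException('Invalid database table prefix.');
        }

        $db = Helper::getDoctrineEntityManager()->getConnection();

        $raw_sql_query = 'INSERT INTO ' . $prefix . 'users
                          SET  email = :email,
                                nick = :nick,
                                passwordhash = :hash,
                                salt = :salt,
                                joined = :joined,
                                language = :language,
                                activated = :activated';

        $stmt = $db->prepare($raw_sql_query);

        // All values travel as bound parameters, never as part of the SQL text.
        $params = array(
            'email'     => $_POST['admin_email'],
            'nick'      => $_POST['admin_name'],
            'hash'      => $hashArray['hash'],
            'salt'      => $hashArray['salt'],
            'joined'    => time(),
            'language'  => $_SESSION['admin_language'],
            'activated' => '1',
        );

        $stmt->execute($params);
    } catch (\Exception $e) {
        $this->setStep(6);
        // NOTE(review): the raw exception message is passed on as the error message;
        // driver messages can carry connection details. Confirm this is acceptable here.
        $this->setErrormessage($e->getMessage());
    }
}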
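/**
 * Checks that Security::check_salted_hash() accepts a known combination of
 * submitted password hash, stored hash, salt and algorithm name.
 *
 * NOTE(review): md5 with a short salt is used here as a fixture for one algorithm
 * the method accepts; it is not a suitable choice for storing new passwords.
 */
public function testMethod_check_salted_hash()
{
    // md5('admin'); from form input
    $passwordhash = '21232f297a57a5a743894a0e4a801fc3';
    // expected, from db
    $databasehash = '7ff3adfa18a8ad7f115e90ce2c44a0ec';
    // from db
    $salt = 'Sko5ie';
    $hash_algorithm = 'md5';

    $bool = \Koch\Security\Security::check_salted_hash(
        $passwordhash,
        $databasehash,
        $salt,
        $hash_algorithm
    );

    // assertTrue()'s second parameter is the failure message, not an expected value,
    // so the stray `true` is dropped.
    $this->assertTrue($bool);
}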