echo "\n\n"; ############## echo "Checking MangosSRP::calculateShaPassHash\n"; $calculated = MangosSRP::calculateShaPassHash(TEST_USERNAME, TEST_PASSWORD); echo "calculated: {$calculated}\n"; echo "expected: " . TEST_SHA_PASS_HASH . "\n"; echo "Test result:\t"; if (strtolower($calculated) == strtolower(TEST_SHA_PASS_HASH)) { echo "[OK]"; } else { echo "[FAILED]"; } echo "\n\n"; ############## echo "Checking MangosSRP::registerNewUser\n"; $calculated = MangosSRP::registerNewUser(TEST_USERNAME, TEST_PASSWORD); echo "calculated: "; var_dump($calculated); echo "expected: " . TEST_SHA_PASS_HASH . "\n"; echo "Test result:\t"; if (strtolower($calculated['sha_pass_hash']) == strtolower(TEST_SHA_PASS_HASH)) { echo "[OK]"; } else { echo "[FAILED]"; } echo "\n\n"; ############## echo "Checking MangosSRP::isValidPassword\n"; $correct = MangosSRP::isValidPassword(TEST_USERNAME, TEST_PASSWORD, TEST_S, TEST_V); $incorrect = MangosSRP::isValidPassword(TEST_USERNAME, TEST_PASSWORD, TEST_S, TEST_FALSE_V); echo "calculated: {$correct}, {$incorrect}\n";
// // these are some examples how to use MangosSRP. Note that these are only snipptes, the script alone does nothing but producing errors :) // error_reporting(E_ALL); require_once "MangosSRP.class.php"; ////// // first: Registering a new user // assumption: you made a form and the user sent his desired username/password // $databaseValues = MangosSRP::registerNewUser($_POST['username'], $_POST['password']); $query = "INSERT INTO account(username, v, s) VALUES ('" . mysql_real_escape_string($_POST['username']) . "', '" . $databaseValues['v'] . "', '" . $databaseValues['s'] . "')"; ////// // second: Verifying a user's password // this might be used to authenticate a password change for example // assumption: you made a form and the user sent his username and password. Furthermore, you've looked up v and s for this account from the database. // $valid = MangosSRP::isValidPassword($_POST['username'], $_POST['password'], $databse_s, $database_v); if ($valid) { echo "User authenticated successfully"; } else { echo "User authentication failed"; } ////// // third: changing users password // assumption: you made a form and the user sent his username and password. // of course, you should authentify him with his old data first. see above therefore // $databaseValues = MangosSRP::registerNewUser($_POST['username'], $_POST['new_password']); $query = "UPDATE account v='" . $databaseValues['v'] . "', s='" . $databaseValues['s'] . "' WHERE username='******'username']) . "'"; echo $query;