-
Notifications
You must be signed in to change notification settings - Fork 0
/
passworddemo.phtml
62 lines (62 loc) · 2.58 KB
/
passworddemo.phtml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>
<?php echo '<p>PHP '.phpversion().'</p>'; ?>
<h4>The <a href="https://php.net/manual/en/function.password-hash.php">password_hash()</a> function in PHP.</h4>
<?php if (version_compare(PHP_VERSION, '5.5.0') >= 0) { ?>
<form action="" method="post">
<span>Select password algorithm</span><br>
<?php if (@constant("PASSWORD_ARGON2ID")) { ?>
<!-- Available as of PHP 7.3.0 but not on XAMPP. -->
<input type="radio" name="algo" value="argon2id"> Argon2id<br>
<?php } ?>
<?php if (@constant("PASSWORD_ARGON2I")) { ?>
<!-- Available as of PHP 7.2.0 but not on XAMPP. -->
<input type="radio" name="algo" value="argon2i"> Argon2i<br>
<?php } ?>
<input type="radio" name="algo" value="bcrypt"> bcrypt<br><br>
<span>Enter text to hash</span><br>
<input type="text" name="text" autocomplete="off">
<input type="submit" name="input" value="hash">
</form>
<?php
if (!empty($_POST['input'])) {
if ($_POST['algo'] == argon2id) {
$algo = PASSWORD_ARGON2ID;
} elseif ($_POST['algo'] == argon2i) {
$algo = PASSWORD_ARGON2I;
} elseif ($_POST['algo'] == bcrypt) {
$algo = PASSWORD_BCRYPT;
} else $algo = PASSWORD_DEFAULT; // Same as PASSWORD_BCRYPT since it is the default.
$hash = password_hash($text=$_POST['text'], $algo);
echo '<pre style="font-size: 1.1em;">'.$hash.'</pre>';
echo '<span>Length: '.strlen($hash).' characters</span>';
}
?>
<h4>The <a href="https://php.net/manual/en/function.password-verify.php">password_verify()</a> function in PHP.</h4>
<?php if (!empty($hash)) { ?>
<form action="" method="post">
<span>Enter text to verify the hash</span><br>
<input type="hidden" name="hash" value="<?php echo $hash; ?>" autocomplete="off" readonly>
<input type="text" name="guess" autocomplete="off">
<input type="submit" name="execute" value="verify">
</form>
<?php
} elseif (!empty($_POST['execute'])) {
$hash=$_POST['hash'];
$guess=$_POST['guess'];
if (password_verify($guess, $hash)) {
echo '<pre style="font-size: 1.1em; color: green;">Valid!</pre>';
echo '<pre style="font-size: 1.1em;">"'.$guess.'" is the password.</pre>';
} else {
echo '<pre style="font-size: 1.1em; color: red;">Invalid!</pre>';
echo '<pre style="font-size: 1.1em;">"'.$guess.'" is not the password.</pre>';
}
} else echo 'Waiting for hash...';
?>
<?php } else echo '<p>PHP before 5.5.0 cannot use either password_hash() or password_verify().</p>' ?>
</body>
</html>