--- /dev/null
+--TEST--
+Test error operation of password_hash() with bcrypt hashing
+--FILE--
+<?php
+//-=-=-=-
+
+var_dump(password_hash("foo", PASSWORD_BCRYPT, array("cost" => 3)));
+
+var_dump(password_hash("foo", PASSWORD_BCRYPT, array("cost" => 32)));
+
+var_dump(password_hash("foo", PASSWORD_BCRYPT, array("salt" => "foo")));
+
+var_dump(password_hash("foo", PASSWORD_BCRYPT, array("salt" => "123456789012345678901")));
+
+?>
+--EXPECTF--
+Warning: password_hash(): Invalid bcrypt cost parameter specified: 3 in %s on line %d
+bool(false)
+
+Warning: password_hash(): Invalid bcrypt cost parameter specified: 32 in %s on line %d
+bool(false)
+
+Warning: password_hash(): Provided salt is too short: 3 expecting 22 in %s on line %d
+bool(false)
+
+Warning: password_hash(): Provided salt is too short: 21 expecting 22 in %s on line %d
+bool(false)
+
--- /dev/null
+--TEST--
+Test normal operation of password_hash()
+--FILE--
+<?php
+//-=-=-=-
+
+// Set the cost low so the test is fast
+ini_set('password.bcrypt_cost', '4');
+
+var_dump(strlen(password_hash("foo")));
+
+$hash = password_hash("foo");
+
+var_dump($hash == crypt("foo", $hash));
+
+var_dump(password_hash("rasmuslerdorf", PASSWORD_BCRYPT, array("cost" => 7, "salt" => "usesomesillystringforsalt")));
+
+var_dump(password_hash("test", PASSWORD_BCRYPT, array("salt" => "123456789012345678901" . chr(0))));
+
+echo "OK!";
+?>
+--EXPECT--
+int(60)
+bool(true)
+string(60) "$2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi"
+string(60) "$2y$04$MTIzNDU2Nzg5MDEyMzQ1NekACxf2CF7ipfk/b9FllU9Fs8RcUm5UG"
+OK!
--- /dev/null
+--TEST--
+Test error operation of password_hash()
+--FILE--
+<?php
+//-=-=-=-
+
+var_dump(password_hash());
+
+var_dump(password_hash("foo", array()));
+
+var_dump(password_hash("foo", "bar", new StdClass));
+
+var_dump(password_hash("foo", "bar", "baz"));
+
+var_dump(password_hash(123));
+
+var_dump(password_hash("123", PASSWORD_BCRYPT, array("salt" => 13)));
+
+?>
+--EXPECTF--
+Warning: password_hash() expects at least 1 parameter, 0 given in %s on line %d
+bool(false)
+
+Warning: password_hash() expects parameter 2 to be string, array given in %s on line %d
+bool(false)
+
+Warning: password_hash(): Unknown password hashing algorithm: bar in %s on line %d
+bool(false)
+
+Warning: password_hash() expects parameter 3 to be array, string given in %s on line %d
+bool(false)
+
+Warning: password_hash(): Password must be a string in %s on line %d
+bool(false)
+
+Warning: password_hash(): Non-string salt parameter supplied in %s on line %d
+bool(false)
+
--- /dev/null
+--TEST--
+Test normal operation of password_make_salt()
+--FILE--
+<?php
+//-=-=-=-
+echo strlen(password_make_salt(1)) . "\n";
+echo strlen(password_make_salt(2)) . "\n";
+echo strlen(password_make_salt(3)) . "\n";
+echo strlen(password_make_salt(4)) . "\n";
+echo strlen(password_make_salt(5)) . "\n";
+echo "\n";
+
+echo strlen(password_make_salt(1, true)) . "\n";
+echo strlen(password_make_salt(2, true)) . "\n";
+echo strlen(password_make_salt(3, true)) . "\n";
+echo strlen(password_make_salt(4, true)) . "\n";
+echo strlen(password_make_salt(5, true)) . "\n";
+echo "\n";
+
+$a = password_make_salt(32);
+$b = password_make_salt(32);
+
+var_dump($a != $b);
+echo "OK!";
+?>
+--EXPECT--
+1
+2
+3
+4
+5
+
+1
+2
+3
+4
+5
+
+bool(true)
+OK!
--- /dev/null
+--TEST--
+Test error operation of password_make_salt()
+--FILE--
+<?php
+//-=-=-=-
+
+var_dump(password_make_salt());
+
+var_dump(password_make_salt("foo"));
+
+var_dump(password_make_salt(-1));
+
+?>
+--EXPECTF--
+Warning: password_make_salt() expects at least 1 parameter, 0 given in %s on line %d
+bool(false)
+
+Warning: password_make_salt() expects parameter 1 to be long, string given in %s on line %d
+bool(false)
+
+Warning: password_make_salt(): Length cannot be less than or equal zero: -1 in %s on line %d
+bool(false)
+
--- /dev/null
+--TEST--
+Test normal operation of password_verify)
+--FILE--
+<?php
+//-=-=-=-
+
+var_dump(password_verify(123, 123));
+
+var_dump(password_verify("foo", '$2a$07$usesomesillystringforsalt$'));
+
+var_dump(password_verify('rasmusler', '$2a$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi'));
+
+var_dump(password_verify('rasmuslerdorf', '$2a$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi'));
+echo "OK!";
+?>
+--EXPECT--
+bool(false)
+bool(false)
+bool(false)
+bool(true)
+OK!
--- /dev/null
+--TEST--
+Test error operation of password_verify()
+--FILE--
+<?php
+//-=-=-=-
+
+var_dump(password_verify());
+
+var_dump(password_verify("foo"));
+
+?>
+--EXPECTF--
+Warning: password_verify() expects exactly 2 parameters, 0 given in %s on line %d
+bool(false)
+
+Warning: password_verify() expects exactly 2 parameters, 1 given in %s on line %d
+bool(false)
+
projects / php / commitdiff