hash('md5', "this is my secret key", true)); $macd = securestring_create("one=1&two=2", $keys, 1); // should validate right now if (securestring_validate($macd, $keys) === false) { echo "BAD1 -- i screwed up\n"; } // modify every part of the string for ($i = 0; $i < strlen($macd); $i++) { $bad = $macd; // change the character $bad[$i] = $bad[$i] + 1; // it better fail if (securestring_validate($bad, $keys) === true) { echo "BAD2\n"; } // restore, and make sure we did it right // this is cause I dont' know how php works // does assign copy by value or by reference? // note to self: it's copy by value for strings if (securestring_validate($macd, $keys) === false) { echo "BAD3 -- i screwed up\n"; } } // take every substring from front for ($i = 0; $i < strlen($macd); $i++) { $bad = substr($macd,0,i); if (securestring_validate($bad, $keys) === true) { echo "BAD4\n"; } } // from other direction for ($i = 1; $i < strlen($macd); $i++) { $bad = substr($macd,$i); if (securestring_validate($bad, $keys) === true) { echo "BAD5\n"; } } // explicity check that empty string, nil, returns false if (securestring_validate('', $keys) === true) { echo "BAD6 -empty\n"; } if (securestring_validate(true, $keys) === true) { echo "BAD - wrong type\n"; } if (securestring_validate(1, $keys) === true) { echo "BAD -wrong type\n"; } /* if (securestring_validate(array(), $keys) === true) { echo "BAD -empty\n"; } */ // change keys $keys = array(1 => 'foo'); if (securestring_validate($macd, $keys) === true) { echo "BAD6\n"; } // missing key // key 1 is MIA $keys = array(); if (securestring_validate($macd, $keys) === true) { echo "BAD7\n"; } try { securestring_create("", array(1 => "foo"), 1); echo "BAD8 -- can't mac an empty string\n"; } catch (Exception $e) { // } try { securestring_create("bar", array(1 => "foo"), 2); echo "BAD9 -- key doesn't exist\n"; } catch (Exception $e) { // } try { securestring_create("bar", array(1 => ""), 1); echo "BAD10 -- invalid key\n"; } catch (Exception $e) { // } echo "OK\n"; ?>