From: paulr Date: Sun, 21 Nov 2010 16:44:35 +0000 (+1100) Subject: updated the readme X-Git-Url: http://git.pjr.cc/?a=commitdiff_plain;h=2245953d256f03c5803faecf00a07b70d250a6fc;p=ga4php.git updated the readme --- diff --git a/doco/readme.txt b/doco/readme.txt index 6e8da30..307a799 100644 --- a/doco/readme.txt +++ b/doco/readme.txt @@ -1,8 +1,3 @@ -/* Note: This readme is moderately out of day, go see the GA4PHP -Wiki - http://code.google.com/p/ga4php/w/list But i'll keep the -file around for historical reasons */ - - The GA4PHP Project ================== @@ -27,54 +22,7 @@ that fullfilled some realistic criteria - easy to use, easy to provision. -READ THIS BIT -============= - -in the example page, i send a url off to google charts to create -the QRCode. NEVER EVER EVER EVER EVER do this. I do it cause for -the example it doesnt matter, and if i find a better way of doing -it i'll do it. BUT creating a qrcode on a page aint terribly easy. -The point is, that QR code is a URL containing the tokens SECRET -KEY and should remain secret. You can generate qrcodes anyway you -like, BUT MAKE SURE ITS SECURE (i.e. never save them on the FS, -and send them all over ssl). - -If your running on linux, most distro's have a program called -qrencode that you can use. - - -How? -==== - -Ultimately, this is just a library with a web based example, -the purpose of which is to integrate into your exisint applications, -those that are PHP. - - -Usage -===== -... TODO ... - - -Complications -============= - -The only real complication i've had so far is that alot of the -HOTP based keys out there provide the secret key as HEX where -google choose to use base32, of which there exist no single -or simple implementation. So I wrote my (rather terrible so far) -own as all i really want to do is convert from base32 back to -hex, this I do by converting to binary first... Lets how thats -going to work in the long run. The sad thing is is that if I -were writing it in C/C++/etc, bit math is easy and while im sure -its not too different in PHP, I've never done it, so this seeemed -easier. - - -Acknowledgements -================ - -Google, for producing google authenticator -The guys at mOTP who got me all excited about token authenticators -The guys on this page who spell out how to do hotp - http://php.net/manual/en/function.hash-hmac.php \ No newline at end of file +How To Use It? +============== +See the examples and the wiki over at the project page, +http://code.google.com/p/ga4php/