tok124

php SRP6 Login

Jun 6th, 2022
  1. <?php
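  // Session hardening has to be configured before session_start(): keep the
  // session cookie out of reach of page scripts and refuse session ids that
  // the server did not issue itself.
  ini_set('session.cookie_httponly', '1');
  ini_set('session.use_strict_mode', '1');
  session_start();

  // Report everything, but to the server log rather than the HTTP response:
  // a login endpoint should not print file paths or database errors to clients.
  error_reporting(E_ALL);
  ini_set('display_errors', '0');
  ini_set('log_errors', '1');

  // NOTE(review): this connects as the MySQL "root" user with the password
  // written into the source. Move the credentials to configuration kept outside
  // the web root and use an account limited to the statements this page runs.
  try {
    $conn = mysqli_connect("127.0.0.1", "root", "ascent", "auth");
  } catch (mysqli_sql_exception $e) {
    // Newer PHP versions throw on connection failure instead of returning false.
    $conn = false;
  }
  if (!$conn) {
    // Keep the reason in the log; the client only gets a generic message.
    error_log('auth database connection failed: ' . mysqli_connect_error());
    http_response_code(500);
    exit('Service temporarily unavailable');
  }
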
  /**
   * Derives the SRP6 password verifier for one account.
   *
   * Steps, all on raw bytes:
   *   h1 = SHA-1( uppercase( username ":" password ) )
   *   x  = SHA-1( salt . h1 ), read as a little-endian integer
   *   v  = 7^x mod N, written back little-endian and NUL-padded on the right
   *        to 32 bytes
   *
   * The generator (7) and the 256-bit modulus are fixed constants; they
   * presumably have to match whatever produced the stored verifiers, so they
   * are not tunable here.
   *
   * Security note: the password only passes through two unsalted-then-salted
   * SHA-1 calls with no key stretching, so anyone holding a salt/verifier pair
   * can test password guesses offline. Treat both columns as secrets.
   *
   * @param string $username Account name; case is folded by strtoupper().
   * @param string $password Candidate password; case is folded as well.
   * @param string $salt     Raw salt bytes stored with the account.
   * @return string 32-byte binary verifier.
   */
  function calculateSRP6Verifier($username, $password, $salt) {
    $generator = gmp_init(7);
    $modulus = gmp_init('894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7', 16);

    // Inner hash over the upper-cased "NAME:PASSWORD" pair, as raw bytes.
    $credentialDigest = sha1(strtoupper($username . ':' . $password), TRUE);

    // Salted outer hash becomes the private exponent (least significant byte first).
    $exponent = gmp_import(sha1($salt . $credentialDigest, TRUE), 1, GMP_LSW_FIRST);

    // Export in the same byte order, then pad to the fixed 32-byte width.
    $littleEndian = gmp_export(gmp_powm($generator, $exponent, $modulus), 1, GMP_LSW_FIRST);

    return str_pad($littleEndian, 32, chr(0), STR_PAD_RIGHT);
  }

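  /**
   * Computes the SRP6 verifier that $password would produce for the account
   * named $username, using the salt stored in the `account` table.
   *
   * Despite the name, the salt itself is never returned; the result is the
   * verifier derived from it.
   *
   * Changes from the earlier version: the function reuses the page's existing
   * database handle instead of opening a second root connection that was never
   * closed, reads only the two columns it needs, and returns null explicitly
   * when there is nothing to compute.
   *
   * @param string $username Account name to look up (bound as a parameter).
   * @param string $password Candidate password to derive the verifier from.
   * @return string|null 32-byte binary verifier, or null when the account does
   *                     not exist or the lookup could not be run.
   */
  function getsalt($username, $password) {
    global $conn;

    // Without a usable handle there is nothing to look up.
    if (!($conn instanceof mysqli)) {
      return null;
    }

    $stmt = $conn->prepare("SELECT username, salt FROM account WHERE username = ? LIMIT 1");
    if ($stmt === false) {
      return null;
    }

    $stmt->bind_param("s", $username);
    $stmt->execute();
    $result = $stmt->get_result();
    $row = $result ? $result->fetch_assoc() : null;
    $stmt->close();

    if (!$row) {
      return null;
    }

    // Use the stored spelling of the name, as the row is the source of truth.
    return calculateSRP6Verifier($row['username'], $password, $row['salt']);
  }
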
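  // Login handler: checks the posted credentials against the stored SRP6
  // verifier and, on success, starts an authenticated session.

  // Only plain string fields are accepted. A missing field or an array-valued
  // one (username[]=...) is treated as empty so it can never reach the query.
  $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
  $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

  // One parameterised lookup by name; the verifier is compared in PHP below
  // rather than inside the WHERE clause.
  $account = null;
  $stmt = $conn->prepare("SELECT id, username, salt, verifier FROM account WHERE username = ? LIMIT 1");
  if ($stmt !== false) {
    $stmt->bind_param("s", $username);
    $stmt->execute();
    $result = $stmt->get_result();
    $account = $result ? $result->fetch_assoc() : null;
    $stmt->close();
  }

  // The verifier is derived even when no account matched (with a throwaway
  // salt), so unknown and known usernames cost roughly the same work.
  $salt = $account ? $account['salt'] : str_repeat(chr(0), 32);
  $name = $account ? $account['username'] : $username;
  $candidate = calculateSRP6Verifier($name, $password, $salt);

  // hash_equals() compares in constant time.
  // NOTE(review): assumes `verifier` is a binary column holding the raw
  // 32 bytes - confirm against the schema.
  $authenticated = $account && hash_equals((string) $account['verifier'], $candidate);

  // NOTE(review): nothing on this page limits repeated attempts per account or
  // per client; add throttling or lockout in front of this handler.

  if ($authenticated) {
    // Issue a fresh session id at the privilege change so an id planted before
    // login cannot be reused afterwards.
    session_regenerate_id(true);
    $_SESSION['username'] = $account['username'];
    $_SESSION['uid'] = $account['id'];
    header("location: ../?p=home");
    exit;
  }

  // Headers must be sent before any body output, so the refresh header now
  // precedes the message. The message stays the same for every failure so it
  // does not reveal whether the username exists.
  header("refresh:3; ../?p=home");
  echo "Wrong username or password";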