Reputation: 3559
Can someone guide me on what I've done wrong in implementing the Google authentication app? Here is what I've tried without success:
1# Create secret key

```php
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567'; // allowed characters in Base32
$secret = '';
for ( $i = 0; $i < 16; $i++ ) {
    $secret .= substr( $chars, mt_rand( 0, strlen( $chars ) - 1 ), 1 );
}
```

2# Create a QR code via the Google service (description + secret key) and scan it with a smartphone; a 6-digit code is then generated every 30 seconds by the Google authentication app
3# Now I'm trying to verify it ... (use base32 algo)

```php
$tm = floor( time() / 30 ); // for time purpose
$secretkey = Base32::decode($secretkey); // returns blank
$time = chr(0).chr(0).chr(0).chr(0).pack('N*', $tm+$i);
// Hash it with the user's secret key
$hm = hash_hmac( 'SHA1', $time, $secretkey, true );
// Use last nibble of result as index/offset
$offset = ord(substr($hm, -1)) & 0x0F;
// Grab 4 bytes of the result
$hashpart = substr($hm, $offset, 4);
// Unpack binary value
$value = unpack("N", $hashpart);
$value = $value[1];
// Only 32 bits
$value = $value & 0x7FFFFFFF;
$value = $value % 1000000;
```

The above code is based on other sources (the WordPress Google authentication app)... but it's not working.
`$secretkey=Base32::decode($secretkey);` always returns blank (empty).
Is there another way to verify or implement the time-based algo? Or a link where I can read about how to code 2-way authentication for a site?
Thanks in advance; your effort is appreciated. (I think it's a security question, so I have put it here instead of Stack Overflow.. :) )
Upvotes: 1
Views: 317
Reputation: 3559
Implemented by using github.com/chregu/GoogleAuthenticator.php
Upvotes: 1
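
The verification steps from the question, written out as a self-contained RFC 6238 check; this is an added example, not code from either post or from the GoogleAuthenticator.php library. It decodes Base32 itself and returns null on bad input (so an empty key cannot slip through silently), keeps leading zeros in the code, and accepts one 30-second step of clock drift. The function names (`new_secret`, `b32_decode`, `hotp`, `totp_verify`) are made up for this example, and 64-bit PHP 7.1+ is assumed.

```php
<?php
// Added example, not from the post: RFC 6238 TOTP check with its own Base32 decoder.
const B32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';

// Secret drawn from the OS CSPRNG (random_int) rather than mt_rand.
function new_secret(int $len = 16): string {
    $s = '';
    for ($i = 0; $i < $len; $i++) { $s .= substr(B32, random_int(0, 31), 1); }
    return $s;
}

// Base32 -> raw bytes; null (not '') on bad input so a failed decode is visible.
function b32_decode(string $in): ?string {
    $in = rtrim(strtoupper($in), '=');
    if ($in === '' || strspn($in, B32) !== strlen($in)) { return null; }
    $bits = '';
    foreach (str_split($in) as $c) {
        $bits .= str_pad(decbin(strpos(B32, $c)), 5, '0', STR_PAD_LEFT);
    }
    $out = '';
    foreach (str_split($bits, 8) as $b) {
        if (strlen($b) === 8) { $out .= chr(bindec($b)); } // drop partial tail
    }
    return $out;
}

// HOTP (RFC 4226) for one counter value, zero-padded to $digits.
function hotp(string $key, int $counter, int $digits = 6): string {
    $msg = pack('N2', $counter >> 32, $counter & 0xFFFFFFFF); // 8-byte big-endian
    $hm = hash_hmac('sha1', $msg, $key, true);
    $offset = ord($hm[19]) & 0x0F;                 // low nibble of last byte
    $value = unpack('N', substr($hm, $offset, 4))[1] & 0x7FFFFFFF;
    return str_pad((string) ($value % (10 ** $digits)), $digits, '0', STR_PAD_LEFT);
}

// Accept the current 30 s step plus $window steps either side (clock drift).
function totp_verify(string $secret, string $code, ?int $now = null, int $window = 1): bool {
    $key = b32_decode($secret);
    if ($key === null) { return false; }
    $step = intdiv($now ?? time(), 30);
    $ok = false;
    for ($i = -$window; $i <= $window; $i++) {
        $ok = hash_equals(hotp($key, $step + $i), $code) || $ok; // constant-time
    }
    return $ok;
}

// Constructed inputs: RFC 6238 Appendix B SHA-1 key, times 59 and 1111111109.
$k = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ'; // Base32 of "12345678901234567890"
var_dump(totp_verify($k, '287082', 59), totp_verify($k, '081804', 1111111109));
```

A production verifier would also store the last accepted time step per user and reject any code at or before it, so a captured code cannot be replayed within its window.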