Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*-------------------------------------------------------------
- Username and password gotten from the login form
- -------------------------------------------------------------*/
- $form_username = $_POST['userusername'];
- $form_password = $_POST['userpassword'];
- /*-------------------------------------------------------------
- Database connection and selection of the database to be used
- -------------------------------------------------------------*/
- //MySQL Server Info
- //$db_host = $_SERVER['DB_HOST'];
- //$db_user = $_SERVER['DB_LOGIN'];
- //$db_pass = $_SERVER['DB_PASSWD'];
- //$db_name = $_SERVER['DB_DB'];
- //MySQL Server Connection
- $link = mysqli_connect('52.40.52.130:3306','root','sitem123!','AromaDB');
- if(!$link)
- {
- die("Could Not Connect:".mysqli_error());
- }
- else
- {
- /*-------------------------------------------------------------
- The query to the database and getting the value from it
- -------------------------------------------------------------*/
- $find_user = "SELECT CUsername,CPassword,C_Salt FROM Customer_Login WHERE CUsername='$form_username'";
- $result = mysqli_query($link, $find_user) or die('Error while trying to find salt'.mysqli_error());
- $row = mysqli_fetch_assoc($result);
- /*-------------------------------------------------------------
- Getting the value from the database
- &
- salting,hashing of the password from the form
- -------------------------------------------------------------*/
- $stored_salt = $row['C_Salt'];
- $stored_hash = $row['CPassword'];
- $check_pass = $stored_salt . $form_password;
- $check_hash = hash('sha512',$check_pass);
- /*-------------------------------------------------------------
- Comparing the two hashed values
- -------------------------------------------------------------*/
- if($check_hash == $stored_hash){
- echo "User authenticated";
- }
- else{
- echo "Not authenticated";
- }
- mysqli_close($link);
- } //Close the connection to the DB
- ?>
Add Comment
Please, Sign In to add comment