Guest User

Untitled

a guest
Oct 12th, 2016
32
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.11 KB | None | 0 0
  1. <?php
  2.    /*-------------------------------------------------------------
  3.         Username and password gotten from the login form
  4.     -------------------------------------------------------------*/
  5.  
  6.     $form_username = $_POST['userusername'];
  7.     $form_password = $_POST['userpassword'];
  8.  
  9.     /*-------------------------------------------------------------
  10.        Database connection and selection of the database to be used
  11.     -------------------------------------------------------------*/
  12.  
  13.     //MySQL Server Info  
  14.     //$db_host = $_SERVER['DB_HOST'];
  15.     //$db_user = $_SERVER['DB_LOGIN'];
  16.     //$db_pass = $_SERVER['DB_PASSWD'];
  17.     //$db_name = $_SERVER['DB_DB'];
  18.  
  19.     //MySQL Server Connection
  20.     $link = mysqli_connect('52.40.52.130:3306','root','sitem123!','AromaDB');
  21.     if(!$link)
  22.     {
  23.         die("Could Not Connect:".mysqli_error());
  24.     }
  25.     else
  26. {
  27.     /*-------------------------------------------------------------
  28.   The query to the database and getting the value from it
  29.     -------------------------------------------------------------*/
  30.  
  31.     $find_user = "SELECT CUsername,CPassword,C_Salt FROM Customer_Login WHERE CUsername='$form_username'";
  32.     $result = mysqli_query($link, $find_user) or die('Error while trying to find salt'.mysqli_error());
  33.     $row = mysqli_fetch_assoc($result);
  34.  
  35.     /*-------------------------------------------------------------
  36.       Getting the value from the database
  37.       &  
  38.       salting,hashing of the password from the form
  39.     -------------------------------------------------------------*/
  40.     $stored_salt = $row['C_Salt'];
  41.     $stored_hash = $row['CPassword'];
  42.     $check_pass = $stored_salt . $form_password;
  43.     $check_hash = hash('sha512',$check_pass);
  44.  
  45.     /*-------------------------------------------------------------
  46.       Comparing the two hashed values
  47.     -------------------------------------------------------------*/
  48.  
  49.     if($check_hash == $stored_hash){
  50.         echo "User authenticated";
  51.     }
  52.     else{
  53.         echo "Not authenticated";
  54.     }
  55.        mysqli_close($link);
  56.        } //Close the connection to the DB
  57. ?>
Add Comment
Please, Sign In to add comment