Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require("password.php");
- $con = mysqli_connect("198.91.81.5", "mycloudb_hcs13", "173531", "mycloudb_bets");
- $username = $_POST["username"];
- $password = $_POST["password"];
- $statement = mysqli_prepare($con, "SELECT * FROM user WHERE username = ?");
- mysqli_stmt_bind_param($statement, "s", $username);
- mysqli_stmt_execute($statement);
- mysqli_stmt_store_result($statement);
- mysqli_stmt_bind_result($statement, $colUserID, $colName, $colUsername, $colAge, $colPassword);
- $response = array();
- $response["success"] = false;
- while(mysqli_stmt_fetch($statement)){
- if (password_verify($password, $colPassword)) {
- $response["success"] = true;
- $response["name"] = $colName;
- $response["age"] = $colAge;
- }
- }
- echo json_encode($response);
- ?>
- /**
- * A Compatibility library with PHP 5.5's simplified password hashing API.
- *
- * @author Anthony Ferrara <ircmaxell@php.net>
- * @license http://www.opensource.org/licenses/mit-license.html MIT License
- * @copyright 2012 The Authors
- */
- namespace {
- if (!defined('PASSWORD_BCRYPT')) {
- /**
- * PHPUnit Process isolation caches constants, but not function declarations.
- * So we need to check if the constants are defined separately from
- * the functions to enable supporting process isolation in userland
- * code.
- */
- define('PASSWORD_BCRYPT', 1);
- define('PASSWORD_DEFAULT', PASSWORD_BCRYPT);
- define('PASSWORD_BCRYPT_DEFAULT_COST', 10);
- }
- if (!function_exists('password_hash')) {
- /**
- * Hash the password using the specified algorithm
- *
- * @param string $password The password to hash
- * @param int $algo The algorithm to use (Defined by PASSWORD_* constants)
- * @param array $options The options for the algorithm to use
- *
- * @return string|false The hashed password, or false on error.
- */
- function password_hash($password, $algo, array $options = array()) {
- if (!function_exists('crypt')) {
- trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING);
- return null;
- }
- if (is_null($password) || is_int($password)) {
- $password = (string) $password;
- }
- if (!is_string($password)) {
- trigger_error("password_hash(): Password must be a string", E_USER_WARNING);
- return null;
- }
- if (!is_int($algo)) {
- trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING);
- return null;
- }
- $resultLength = 0;
- switch ($algo) {
- case PASSWORD_BCRYPT:
- $cost = PASSWORD_BCRYPT_DEFAULT_COST;
- if (isset($options['cost'])) {
- $cost = (int) $options['cost'];
- if ($cost < 4 || $cost > 31) {
- trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING);
- return null;
- }
- }
- // The length of salt to generate
- $raw_salt_len = 16;
- // The length required in the final serialization
- $required_salt_len = 22;
- $hash_format = sprintf("$2y$%02d$", $cost);
- // The expected length of the final crypt() output
- $resultLength = 60;
- break;
- default:
- trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING);
- return null;
- }
- $salt_req_encoding = false;
- if (isset($options['salt'])) {
- switch (gettype($options['salt'])) {
- case 'NULL':
- case 'boolean':
- case 'integer':
- case 'double':
- case 'string':
- $salt = (string) $options['salt'];
- break;
- case 'object':
- if (method_exists($options['salt'], '__tostring')) {
- $salt = (string) $options['salt'];
- break;
- }
- case 'array':
- case 'resource':
- default:
- trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING);
- return null;
- }
- if (PasswordCompatbinary_strlen($salt) < $required_salt_len) {
- trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", PasswordCompatbinary_strlen($salt), $required_salt_len), E_USER_WARNING);
- return null;
- } elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) {
- $salt_req_encoding = true;
- }
- } else {
- $buffer = '';
- $buffer_valid = false;
- if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {
- $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM);
- if ($buffer) {
- $buffer_valid = true;
- }
- }
- if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) {
- $strong = false;
- $buffer = openssl_random_pseudo_bytes($raw_salt_len, $strong);
- if ($buffer && $strong) {
- $buffer_valid = true;
- }
- }
- if (!$buffer_valid && @is_readable('/dev/urandom')) {
- $file = fopen('/dev/urandom', 'r');
- $read = 0;
- $local_buffer = '';
- while ($read < $raw_salt_len) {
- $local_buffer .= fread($file, $raw_salt_len - $read);
- $read = PasswordCompatbinary_strlen($local_buffer);
- }
- fclose($file);
- if ($read >= $raw_salt_len) {
- $buffer_valid = true;
- }
- $buffer = str_pad($buffer, $raw_salt_len, "