API tools faq
paste
Guest User

Untitled

a guest
Jul 16th, 2018
108
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.09 KB | None | 0 0
raw download clone embed print report
  1. class salt
  2. {
  3. /**
  4. * @var string $salt; the salt used for the password.
  5. */
  6. protected $salt;
  7.  
  8. /**
  9. * @var string $password; the plain text password;
  10. */
  11. protected $password;
  12.  
  13. public function __construct()
  14. {
  15. // declaring the variables.
  16. $this -> salt = $salt;
  17. $this -> password = $password = null;
  18. }
  19.  
  20. public function generate_salt()
  21. {
  22. // the variable which determines the random salt.
  23. $this -> salt = substr(str_pad(dechex(mt_rand()), 8, '0', STR_PAD_LEFT ), -8 );
  24.  
  25. // !return, easy. I think.
  26. if ($this -> salt != null)
  27. {
  28. return $this -> salt;
  29. }
  30. }
  31.  
  32. /**
  33. * @desc; this function is a sub-function of make_salt. make_salt() relies on this function to provide output.
  34. */
  35. public function get_salt($username, $password)
  36. {
  37. // Old style MySQL query, your host should support it though.
  38. $this -> result = mysql_query("SELECT * FROM `login` WHERE username='".$username."' AND password='".$password."'");
  39. $this -> row = mysql_fetch_array($this -> result);
  40.  
  41. if ($this -> row)
  42. {
  43. return $this -> row['salt'];
  44. }
  45. else
  46. {
  47. echo mysql_error();
  48. }
  49. }
  50.  
  51. // the magic function!
  52. public function make_salt($username, $password)
  53. {
  54. // if there is no salt in the current user's table
  55. if (!self::get_salt($username,$password))
  56. {
  57. // generate a salt and insert it into the database
  58. $this -> salt = self::generate_salt();
  59.  
  60. if ($this -> salt != null)
  61. {
  62. $this -> result = mysql_query("SELECT * FROM `login` WHERE username='".$username."' AND password='".$password."'");
  63. $this -> row = mysql_fetch_array($this -> result);
  64.  
  65. // check if the user exists in the db, and then insert the salt.
  66. if ( $this -> row )
  67. {
  68. $this -> update_salt = mysql_query("UPDATE `login` SET salt='".$this -> salt."' WHERE username='".$username."' AND password='".$password."'");
  69. if (!$this -> update_salt)
  70. echo mysql_error();
  71. }
  72. else
  73. {
  74. echo mysql_error();
  75. die('Unable to find the specified user.. maybe he/she does not exist?!');
  76. }
  77. }
  78. else
  79. // if the salt is null, then die with this message. you should never see this though. last resort exit.
  80. die('Salt is null?!');
  81. }
  82. else
  83. {
  84. // if the user has a salt, then grab it and hash the provided password to obtain the final salted password.
  85. if (self::get_salt($username,$password))
  86. {
  87. $this -> user_salt = self::get_salt($username,$password);
  88.  
  89. $this -> salted_password = sha1($this->user_salt.$password);
  90. return $this -> salted_password;
  91. }
  92. else
  93. {
  94. die('Unable to retrieve the salt for this user.');
  95. }
  96. }
  97. }
  98. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!