Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $user = $_GET['user'];
- $pass = $_GET[' pass'];
- $db['host'] = 'localhost'; #URL DO SERVIDOR MYSQL
- $db['db'] = 'ipb_forum'; #NOME DA DB DO FORUM
- $db['username'] = 'root'; #USUARIO DO MYSQL
- $db['password'] = ''; #SENHA DO MYSQL
- $ipb['auth']['table_name'] = 'members'; #NOME TABELA DE MEMBROS DO IPB
- $ipb['auth']['username_column'] = 'name'; #NOME DA COLUNA DENTRO DA TABELA DE MEMBROS REFERENTE AO NOME DE USUARIO
- $ipb['auth']['password_column'] = 'members_pass_hash'; #NOME DA COLUNA DENTRO DA TABELA DE MEMBROS REFERENTE A HASH DA SENHA
- $ipb['auth']['salt_column'] = 'members_pass_salt'; #NOME DA COLUNA DENTRO DA TABELA DE MEMBROS REFERENTE AO SALT DA HASH DA SENHA
- try{
- $pdo = new PDO("mysql:host={$db['host']};dbname={$db['db']}", $db['username'], $db['password']);
- }catch(Exception $e) {
- die($e->getMessage());
- }
- $statment = 'SELECT * FROM ' . $ipb['auth']['table_name'] . ' WHERE ' . $ipb['auth']['username_column'] '=? LIMIT 1;';
- $query = $pdo->prepare($statment);
- $query->execute([
- $user
- ]);
- $resp = [];
- if($query->rowCount()) {
- $row = $query->fetch(PDO::FETCH_ASSOC);
- $storedHash = $row[$ipb['auth']['password_column']];
- $storedSalt = $row[$ipb['auth']['salt_column']];
- $hash = ipbHash($pass, $storedSalt);
- if($hash === $storedHash) {
- $resp = [
- 'status' => 'authorized',
- 'message' => 'user logged with success'
- ];
- }
- else {
- $resp = [
- 'status' => 'unauthorized',
- 'message' => 'invalid password'
- ];
- }
- }
- else {
- $resp = [
- 'status' => 'denied',
- 'message' => 'user not found in database'
- ];
- }
- echo json_encode($resp);
- die();
- function ipbHash($password, $salt) {
- if($password == null || $salt == null) return '';
- return md5(md5(salt) + md5(password));
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement