Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once "PasswordHash.php";
- $connect = new mysqli('localhost', 'root', '', 'hash');
- if(isset($_POST['flag'])){
- extract($_POST);
- $sol=md5('sol');
- $logAccepted=mysqli_real_escape_string($connect, $login);
- $passAccepted=mysqli_real_escape_string($connect, $password);
- if($_POST['flag']=='register'){
- if($_POST['option']=='md5'){
- if($logAccepted==true && $passAccepted==true){
- $hash_md5 = md5($password).$sol;
- $query_md5 = "INSERT INTO users (login,password,sol) VALUES ('$login', '$hash_md5', '$sol')";
- $connect->query($query_md5);
- echo "Zarejestrowano z md5<br>";
- }
- else{
- echo "Podano nieprawidłowe dane<br>";
- }
- }
- if($_POST['option']=='bcrypt'){
- if($logAccepted==true && $passAccepted==true){
- $hash_bcrypt = password_hash($password, PASSWORD_BCRYPT);
- $query_bcrypt = "INSERT INTO users (login,password) VALUES ('$login', '$hash_bcrypt')";
- $connect->query($query_bcrypt);
- echo "Zarejestrowano z bcrypt<br>";
- }
- else{
- echo "Podano nieprawidłowe dane<br>";
- }
- }
- if($_POST['option']=='phppass'){
- if($logAccepted==true && $passAccepted==true){
- $hasher = new PasswordHash(8, FALSE);
- $hash_phppass = $hasher->HashPassword($password);
- $query_phppass = "INSERT INTO users (login,password) VALUES ('$login', '$hash_phppass')";
- $connect->query($query_phppass);
- echo "Zarejestrowano z phppass<br>";
- }
- else{
- echo "Podano nieprawidłowe dane<br>";
- }
- }
- }
- if($_POST['flag']=='log'){
- $login_clean = htmlentities($login, ENT_QUOTES, 'UTF-8');
- if($_POST['option']=='md5'){
- $hash_md5 = md5($password).$sol;
- $query_get = "SELECT * FROM users WHERE login='$login_clean' AND password='$hash_md5' LIMIT 1";
- $res = $connect->query($query_get);
- $result = $res->fetch_object() or die("Nie podano poprawnych danych");
- if(mysqli_num_rows($res)>0){
- echo "Zalogowano przy użyciu md5 + salt: $result->login<br>";
- }
- else{
- echo "Nie zalogowano przy użyciu md5 + salt<br>";
- }
- }
- if($_POST['option']=='bcrypt'){
- $query_get = "SELECT * FROM users WHERE login='$login_clean' LIMIT 1";
- $res = $connect->query($query_get);
- $result = $res->fetch_object() or die("Nie podano poprawnych danych");
- if(password_verify($password, $result->password)){
- echo "Zalogowano przy użyciu bcrypt: $result->login<br>";
- }
- else{
- echo "Nie zalogowano przy użyciu bcrypt<br>";
- }
- }
- if($_POST['option']=='phppass'){
- $hasher = new PasswordHash(8, FALSE);
- $query_get = "SELECT * FROM users WHERE login='$login_clean' LIMIT 1";
- $res = $connect->query($query_get);
- $result = $res->fetch_object() or die("Nie podano poprawnych danych");
- if($hasher->CheckPassword($password, $result->password)){
- echo "Zalogowano przy użyciu phpPass: $result->login<br>";
- }
- else{
- echo "Nie zalogowano przy użyciu phpPass<br>";
- }
- }
- }
- }
- ?>
- <a href='register_form.html'>Formularz rejestracji</a>
- <form action='index.php' method="POST">
- Algorytm hashowania:
- <select name='option'>
- <option value='md5'>md5</option>
- <option value='bcrypt'>brcypt</option>
- <option value='phppass'>phppass</option>
- </select>
- <br> Login:
- <input type='text' name='login'>
- <br> Haslo:
- <input type='password' name='password'>
- <br>
- <input type='hidden' name='flag' value='log'>
- <input type='submit'>
- </form>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement