Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!DOCTYPE html>
- <head>
- <title>
- Sha1 in action
- </title>
- </head>
- <body>
- <form action=<?php echo htmlentities($_SERVER['PHP_SELF'],ENT_QUOTES); ?> method="post">
- User <input type="text" name="user" />
- <br />
- Password <input type="password" name="pass" />
- <br />
- Submit<input type="submit" name="submit" />
- <br />
- </form>
- </body>
- </html>
- <?php
- if(isset($_POST['submit']))
- {
- // Inputs from $_POST(more suitable to be used in this case)
- $user = $_POST['user'];
- $pass = $_POST['pass'];
- // Just assume that this is the settings at your sql db
- $sql['user'] = "cshong"; // you may encrypt your username as well if you really wanted full security, although it is not necessary actually
- $sql['pass'] = "4d7596726ca20476148e8fdb1b4c5f44d719a92b"; // pass in sha1 format
- // Execute your sql query to retrieve the $sql data(pardon me on my laziness)
- // Encrypt the user input to be compared with the data at the sql db
- $pass_encrypted = sha1($pass);
- // after results had been retrieved
- if($user == $sql['user'] and $pass_encrypted == $sql['pass'])
- {
- echo 'yay, I can access my account eventhough the pass is actually in an encrypted form at the sql db';
- }
- else
- {
- die("Go die");
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement