Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- if (!isset($_SESSION['initiated']))
- {
- session_regenerate_id();
- $_SESSION['initiated'] = true;
- }
- if (isset($_SESSION['HTTP_USER_AGENT']))
- {
- if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']))
- {
- Header('Location: login_form.php');
- exit();
- }
- }
- else
- {
- $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
- }
- $username = $_POST['username'];
- $pass1 = $_POST['pass1'];
- $pass2 = $_POST['pass2'];
- if($pass1 != $pass2)
- echo 'passwords didnt match <br /><a href='register_form.php'>Back</a>';
- exit();
- if(strlen($username) > 30)
- echo 'username is to long<br /> <a ahref='register_form.php'>Back</a>';
- $hash = hash('sha256', $pass);
- function createSalt()
- {
- $string = md5(uniqid(rand(), true));
- return substr($string 0, 3);
- }
- $salt = createSalt();
- $hash = hash('sha256, $salt . $hash);
- require 'connect.php';
- //sanitize username
- $username = mysql_real_escape_string($username);
- $query = "INSERT INTO users ( username, password, salt )
- VALUES ( '$username' , '$hash', $salt' ); ";
- mysql_query($query);
- mysql_close();
- echo 'User registered!<br /><a href='login_form.php'>Login</a>';
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement