Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $username = strtolower($_GET["username"]);
- $password = $_GET["password"];
- $con = mysql_connect("localhost","MysqlUsername","MysqlPassword");
- if (!$con)
- {
- die('conection failed');
- }
- mysql_select_db("Database", $con);
- $result = mysql_query("SELECT * FROM phpbb_users
- WHERE username_clean='{$username}'");
- while($row = mysql_fetch_array($result))
- {
- $realHash = $row['user_password'];
- }
- if(phpbb_check_hash($password, $realHash))
- echo "true";
- else
- echo "false";
- function phpbb_check_hash($password, $hash)
- {
- $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
- if (strlen($hash) == 34)
- {
- return (_hash_crypt_private($password, $hash, $itoa64) === $hash) ? true : false;
- }
- return (md5($password) === $hash) ? true : false;
- }
- function _hash_encode64($input, $count, &$itoa64)
- {
- $output = '';
- $i = 0;
- do
- {
- $value = ord($input[$i++]);
- $output .= $itoa64[$value & 0x3f];
- if ($i < $count)
- {
- $value |= ord($input[$i]) << 8;
- }
- $output .= $itoa64[($value >> 6) & 0x3f];
- if ($i++ >= $count)
- {
- break;
- }
- if ($i < $count)
- {
- $value |= ord($input[$i]) << 16;
- }
- $output .= $itoa64[($value >> 12) & 0x3f];
- if ($i++ >= $count)
- {
- break;
- }
- $output .= $itoa64[($value >> 18) & 0x3f];
- }
- while ($i < $count);
- return $output;
- }
- function _hash_crypt_private($password, $setting, &$itoa64)
- {
- $output = '*';
- // Check for correct hash
- if (substr($setting, 0, 3) != '$H$')
- {
- return $output;
- }
- $count_log2 = strpos($itoa64, $setting[3]);
- if ($count_log2 < 7 || $count_log2 > 30)
- {
- return $output;
- }
- $count = 1 << $count_log2;
- $salt = substr($setting, 4, 8);
- if (strlen($salt) != 8)
- {
- return $output;
- }
- if (PHP_VERSION >= 5)
- {
- $hash = md5($salt . $password, true);
- do
- {
- $hash = md5($hash . $password, true);
- }
- while (--$count);
- }
- else
- {
- $hash = pack('H*', md5($salt . $password));
- do
- {
- $hash = pack('H*', md5($hash . $password));
- }
- while (--$count);
- }
- $output = substr($setting, 0, 12);
- $output .= _hash_encode64($hash, 16, $itoa64);
- return $output;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement