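<?php

declare(strict_types=1);

// Registration endpoint. Expects POST fields username, password and email,
// checks that username and email are not already taken, then inserts the new
// user. Field validation failures are reported as plain text (as before);
// conflicts and success are reported as JSON with a "text" key, which is what
// the front-end parses.
require("common.php");

$protect_php = '';

/**
 * Return a POST field as a string.
 *
 * Yields '' when the field is absent or was submitted as something other than
 * a string (e.g. username[]=x), so an array never reaches PDO as a bound value.
 */
function register_field(string $name): string
{
    $value = $_POST[$name] ?? '';
    return is_string($value) ? $value : '';
}

/**
 * Run a one-parameter existence query and report whether any row came back.
 *
 * $query and $placeholder are literals from this file; only $value is
 * user-controlled, and it is bound through PDO rather than interpolated.
 *
 * @throws PDOException when prepare() or execute() fails
 */
function register_row_exists(PDO $db, string $query, string $placeholder, string $value): bool
{
    $stmt = $db->prepare($query);
    $stmt->execute([$placeholder => $value]);
    return $stmt->fetch() !== false;
}

/** Emit a JSON body and stop; the client reads the "text" key. */
function register_respond(array $payload): void
{
    die(json_encode($payload));
}

if (!empty($_POST)) {
    $username = register_field('username');
    $password = register_field('password');
    $email    = register_field('email');

    // Compare with '' rather than empty() so a legitimate value of "0" is not
    // rejected as missing.
    if ($username === '') {
        die("Please enter a username.");
    }
    if ($password === '') {
        die("Please enter a password.");
    }
    // The original only checked for an empty value; a syntactically invalid
    // address is equally useless for the uniqueness check below.
    if ($email === '' || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        die("Invalid E-Mail Address");
    }

    try {
        if (register_row_exists($db, "SELECT 1 FROM users WHERE username = :username", ':username', $username)) {
            register_respond(["text" => "This username is already in use"]);
        }
        if (register_row_exists($db, "SELECT 1 FROM users WHERE email = :email", ':email', $email)) {
            register_respond(["text" => "This email address is already registered"]);
        }
    } catch (PDOException $ex) {
        // Keep the driver message in the server log only; echoing it to the
        // client exposes table and column names.
        error_log("registration lookup failed: " . $ex->getMessage());
        die("Failed to run query.");
    }

    // The salt column predates bcrypt and is kept so the INSERT still matches
    // the schema; password_hash() embeds its own salt in the string it returns,
    // and nothing in this script reads this value. It is still drawn from the
    // CSPRNG rather than mt_rand(), whose output is predictable.
    $salt = bin2hex(random_bytes(8));

    // Hash the submitted password. The original passed an undefined $password,
    // so every account was stored with the hash of an empty string. The result
    // is a 60-character bcrypt string (algorithm, cost, salt and digest); the
    // original password cannot be recovered from it.
    $passwordHash = password_hash($password, PASSWORD_BCRYPT);

    $query = "
        INSERT INTO users (username, password, salt, email)
        VALUES (:username, :password, :salt, :email)
    ";
    try {
        $stmt = $db->prepare($query);
        $stmt->execute([
            ':username' => $username,
            ':password' => $passwordHash,
            ':salt'     => $salt,
            ':email'    => $email,
        ]);
    } catch (PDOException $ex) {
        error_log("registration insert failed: " . $ex->getMessage());
        die("Failed to run query.");
    }

    // "Go to Login" is the cue the client uses to switch to the login form.
    register_respond(["text" => "Go to Login", "protectkey" => $protect_php]);
}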
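<?php

declare(strict_types=1);

// Login endpoint. Expects POST fields username and password. On success the
// user row (without password and salt) is stored in $_SESSION['user'] and the
// response is JSON {"text": "Password Correct", "score": ..., "protectkey": ...};
// on failure the response is JSON with a generic "text" message.
require("common.php");

// Kept for compatibility with anything that includes this file; the original
// only assigned it on an unreachable line after die().
$submitted_username = '';
$protect_php = '';

/**
 * Return a POST field as a string, or '' when it is absent or not a string
 * (e.g. submitted as username[]=x), so an array never reaches PDO as a bound value.
 */
function login_field(string $name): string
{
    $value = $_POST[$name] ?? '';
    return is_string($value) ? $value : '';
}

/** Emit a JSON body and stop; the client reads the "text" key. */
function login_respond(array $payload): void
{
    die(json_encode($payload));
}

if (!empty($_POST)) {
    $username = login_field('username');
    $password = login_field('password');

    $query = "
        SELECT id, username, password, salt, email
        FROM users
        WHERE username = :username
    ";
    try {
        $stmt = $db->prepare($query);
        $stmt->execute([':username' => $username]);
    } catch (PDOException $ex) {
        // Keep the driver message in the server log only; the original sent it
        // to the client, where it exposes table and column names.
        error_log("login lookup failed: " . $ex->getMessage());
        login_respond(["text" => "Failed to run query."]);
    }

    $row = $stmt->fetch();

    if ($row === false) {
        // Spend one bcrypt operation even when the username is unknown, so the
        // response time does not reveal which usernames exist. This matches the
        // cost of password_verify() as long as stored hashes use the default
        // bcrypt cost — confirm against the registration script.
        password_hash($password, PASSWORD_BCRYPT);
        $login_ok = false;
    } else {
        // The stored column may be wider than the 60-character bcrypt string;
        // only that prefix is the hash.
        $login_ok = password_verify($password, substr($row['password'], 0, 60));
    }

    if (!$login_ok) {
        // One message for both "unknown user" and "wrong password". The original
        // echoed a bare password_verify() result here and read $row['password']
        // even when no row had been fetched.
        login_respond(["text" => "Invalid username or password"]);
    }

    // Never keep credential material in the session.
    unset($row['salt'], $row['password']);
    // Issue a fresh session id on login so an id fixed before authentication
    // cannot be reused; only meaningful if common.php started a session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['user'] = $row;

    $resultArray = ["text" => "Password Correct"];

    // NOTE(review): user_scores.user_id is looked up by username here, as in
    // the original, although users.id is available in $row — confirm which
    // value the scores table actually stores.
    $query_score = "SELECT MAX(score) AS HighScore FROM user_scores WHERE user_id = :user_id";
    try {
        $stmt_score = $db->prepare($query_score);
        $stmt_score->execute([':user_id' => $username]);
        $row_score = $stmt_score->fetch();
        // MAX() always yields a row (HighScore is null when there are no
        // scores); the is_array() guard covers a driver that returns false.
        $resultArray["score"] = is_array($row_score) ? $row_score['HighScore'] : "";
    } catch (PDOException $ex) {
        // Best effort: a missing score must not turn a successful login into a failure.
        error_log("score lookup failed: " . $ex->getMessage());
        $resultArray["score"] = "";
    }

    $resultArray["protectkey"] = $protect_php;
    login_respond($resultArray);
}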