Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include('includes/connection.php');
- $str='';
- for($i=7;$i>0;$i--)
- {
- $str=$str.chr(rand(97,122));
- }
- $salt=$str;
- ?>
- <!DOCTYPE html>
- <html lang="en" >
- <head>
- <meta charset="UTF-8">
- <title>Sign-Up/Login Form</title>
- <link rel="stylesheet" href="css/font.css">
- <link rel="stylesheet" href="css/normal.css">
- <link rel="stylesheet" href="css/style.css">
- <script src='js/jquery.min.js' ></script>
- <script src="js/sha512.js"></script>
- </head>
- <body>
- <div class="form">
- <div id="login">
- <h1>Login Panel</h1>
- <form action="forlogin.php" method="post">
- <div class="field-wrap">
- <label>
- Username<span class="req">*</span>
- </label>
- <input type="text" name="username" id="username" required autocomplete="off"/>
- </div>
- <div class="field-wrap">
- <label>
- Password<span class="req">*</span>
- </label>
- <input type="password" id="pwd" name="password" required autocomplete="off"/>
- </div>
- <div class="field-wrap">
- <?php echo Securimage::getCaptchaHtml() ?>
- </div>
- <br><button name="submit" value="submit" class="button button-block"/>Log In</button>
- </form>
- </div>
- </div><!-- tab-content -->
- </div> <!-- /form -->
- <script src='js/index.js' ></script>
- <script type="text/javascript">
- document.getElementById('pwd').onchange = function()
- {
- var salt = "<?php echo $salt ?>";
- var txt_string = document.getElementById('pwd').value;
- var plainhash=document.getElementById('pwd').value =encrpt(txt_string);
- var passhash= plainhash+salt;
- var final_hash= document.getElementById('pwd').value =encrpt(passhash);
- console.log("This is your plain password which you entered: " , txt_string);
- console.log("This is your salt which is fetched: ", salt);
- console.log("This is your simple sha512 hash: ", plainhash);
- console.log("This is your plainhash + salt: ", passhash);
- console.log("This is your salted hash", final_hash);
- return false;
- }
- </script>
- <?php
- $username=$_POST['username'];
- $pass=$_POST['password'];
- // $hashed = hash('sha512',$pass);
- // $new_pa = $hashed.$salt;
- // $final = hash('sha512',$new_pa);
- $sql="SELECT * FROM `users` WHERE username = '$username'";
- $result= mysql_query($sql);
- if($row = mysql_fetch_array( $result )){
- $new_pass= $row['password'];
- }
- $new_admin = $new_pass.$salt;
- $salted_new =hash('sha512',$new_admin);
- if($pass == $salted_new)
- {
- echo "success";
- }
- else
- {
- echo "<br>not success";
- }
- echo "<br>salt in variable: ".$salt;
- echo "<br> Password from row: ".$new_pass;
- echo "<br>password and salt: ".$new_admin;
- echo "<br>salted hashed: ".$salted_new;
- echo "<br> Password you entered : ".$pass;
- ?>
Add Comment
Please, Sign In to add comment