API tools faq
paste
Advertisement
Guest User

Authme Class

a guest
Mar 28th, 2016
119
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.74 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /*
  3. * Copyright (C) 2015-2016 Leonardosc
  4. *
  5. * This program is free software; you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License as published by
  7. * the Free Software Foundation; either version 2 of the License, or
  8. * (at your option) any later version.
  9. *
  10. * This program is distributed in the hope that it will be useful,
  11. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13. * GNU General Public License for more details.
  14. *
  15. * You should have received a copy of the GNU General Public License along
  16. * with this program; if not, write to the Free Software Foundation, Inc.,
  17. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  18. *
  19. * 21/01/2015
  20. */
  21.  
  22. class AuthMe {
  23.  
  24. /* TIPOS DE HASH DO AUTHME */
  25. const MD5 = "md5";
  26. const SHA256 = "sha256";
  27. const SHA1 = "sha1";
  28. const WHIRLPOOL = "whirlpool";
  29. const MD5VB = "md5vb";
  30. const PLAINTEXT = "plaintext";
  31.  
  32. /* CONEXÃO DO BANCO DE DADOS. */
  33. private $conection;
  34.  
  35. /* NOME DA TASBELA DO AUTHME */
  36. private $authme_table;
  37.  
  38. /* HASH USADA */
  39. private $algorithm;
  40.  
  41. /* ESTA É A METODO CONSTRUTOR DA CLASSE *
  42.  
  43. PARAMETROS
  44. $db_host = Ip do seu banco de dados mysql;
  45. $db_user = Nome de usuario do seu banco de dados mysql.
  46. $db_pass = Senha do seu banco de dados mysql;
  47. $db_name = Nome do database do mysql;
  48. $authme_table = Nome da tabela do authme;
  49. $algo = Tipo de hash que seu authme está utilizando;
  50. */
  51. public function __construct($db_host, $db_user, $db_pass, $db_name, $authme_table, $algo) {
  52. $this->authme_table = $authme_table;
  53. $this->algorithm = $algo;
  54. @$this->conection = mysqli_connect($db_host, $db_user, $db_pass) or die(mysqli_connect_error());
  55. @mysqli_select_db($this->conection, $db_name) or die(mysqli_error($this->conection));
  56. }
  57.  
  58. /* METODO DESTRUTOR, O CONTRARIO DO CONSTRUTOR '-' */
  59. public function __destruct() {
  60. if (is_object($this->conection)) {
  61. $this->conection->close();
  62. unset($this->algorithm);
  63. unset($this->authme_table);
  64. }
  65. }
  66.  
  67. /* METODO USADO PARA AUTENTICAR UM USUARIO
  68.  
  69. PARAMETROS
  70. $user = Nome de usuario.
  71. $pass = Senha do usuario.
  72.  
  73. */
  74. public function authenticate($user, $pass) {
  75. $user = addslashes($user);
  76. $query = mysqli_query($this->conection, "SELECT password FROM {$this->authme_table} WHERE username='{$user}'");
  77.  
  78. if (mysqli_num_rows($query) == 1) {
  79. $ret = mysqli_fetch_array($query);
  80. $hash_pass = $ret[0];
  81. return self::compare($pass, $hash_pass);
  82. } else {
  83. return false;
  84. }
  85. }
  86.  
  87. /* METODO USADO PARA REGISTRAR UM USUARIO
  88.  
  89. PARAMETROS
  90. $user = Nome de usuario.
  91. $pass = Senha do usuario.
  92. $ip = Ip do usuario.
  93. */
  94. public function register($user, $pass, $ip = "0.0.0.0") {
  95. $user = addslashes($user);
  96. $pass = addslashes(self::AMHash($pass));
  97.  
  98. if (self::isUsernameRegistered($user)) {
  99. return false;
  100. }
  101.  
  102. return mysqli_query($this->conection, "INSERT INTO {$this->authme_table} (`username`, `password`, `ip`, `lastlogin`, `x`, `y`, `z`) VALUES ('{$user}','{$pass}','{$ip}','0','0','0','0')");
  103. }
  104.  
  105. /* METODO USADO PARA ALTERAR A SENHA DE UM USUARIO
  106.  
  107. PARAMETROS
  108. $user = Nome de usuario.
  109. $newpass = Nova senha do usuario.
  110.  
  111. */
  112. public function changePassword($username, $newpass) {
  113. if (!self::isUsernameRegistered($username)) {
  114. return false;
  115. }
  116.  
  117. $username = addslashes($username);
  118. $newpass = addslashes(self::AMHash($newpass));
  119.  
  120. return mysqli_query($this->conection, "UPDATE {$this->authme_table} SET password='$newpass' WHERE username='$username'");
  121. }
  122.  
  123. /* METODO USADO PARA VERIFICAR SE UM DETERMINADO IP ESTA REGISTRADO.
  124.  
  125. PARAMETROS
  126. $ip = Ip que deseja verificar.
  127. */
  128. public function isIpRegistered($ip) {
  129. $ip = addslashes($ip);
  130. $query = mysqli_query($this->conection, "SELECT ip FROM {$this->authme_table} WHERE ip='{$ip}'");
  131. return mysqli_num_rows($query) >= 1;
  132. }
  133.  
  134. /* METODO USADO PARA VERIFICAR SE UM DETERMINADO NOME DE USUARIO ESTA REGISTRADO.
  135.  
  136. PARAMETROS
  137. $user = Nome de usuario que deseja verificar.
  138. */
  139. public function isUsernameRegistered($user) {
  140. $user = addslashes($user);
  141. $query = mysqli_query($this->conection, "SELECT username FROM {$this->authme_table} WHERE username='{$user}'");
  142. return mysqli_num_rows($query) >= 1;
  143. }
  144.  
  145. /* METODOS PRIVADOS, USO SOMENTE DA CLASSE. */
  146. private function compare($pass, $hash_pass) {
  147. switch ($this->algorithm) {
  148.  
  149. case "sha256":
  150. $shainfo = explode("$", $hash_pass);
  151. $pass = hash("sha256", $pass).$shainfo[2];
  152. return strcasecmp($shainfo[3], hash('sha256', $pass)) == 0;
  153.  
  154. case "sha1":
  155. return strcasecmp($hash_pass, hash('sha1', $pass)) == 0;
  156.  
  157. case "md5":
  158. return strcasecmp($hash_pass, hash('md5', $pass)) == 0;
  159.  
  160. case "whirlpool":
  161. return strcasecmp($hash_pass, hash('whirlpool', $pass)) == 0;
  162.  
  163. case "md5vb":
  164. $shainfo = explode("$", $hash_pass);
  165. $pass = hash("md5", $pass).$shainfo[2];
  166. return strcasecmp($shainfo[3], hash('md5', $pass)) == 0;
  167.  
  168. case "plaintext":
  169. return $hash_pass == $pass;
  170.  
  171. default:
  172. return false;
  173. }
  174. }
  175.  
  176. private function AMHash($pass) {
  177. switch ($this->algorithm) {
  178.  
  179. case "sha256":
  180. $salt = self::createSalt();
  181. return "\$SHA\$".$salt."\$".hash("sha256", hash('sha256', $pass).$salt);
  182.  
  183. case "sha1":
  184. return hash("sha1", $pass);
  185.  
  186. case "md5":
  187. return hash("sha1", $pass);
  188.  
  189. case "whirlpool":
  190. return hash("sha1", $pass);
  191.  
  192. case "md5vb":
  193. $salt = self::createSalt();
  194. return "\$MD5vb\$".$salt."\$".hash("md5", hash('md5', $pass).$salt);
  195.  
  196. case "plaintext":
  197. return $pass;
  198.  
  199. default:
  200. return false;
  201. }
  202. }
  203.  
  204. private function createSalt() {
  205. $salt = "";
  206. for ($i = 0; $i < 20; $i++) {
  207. $salt .= rand(0, 9);
  208. }
  209. return substr(hash("sha1", $salt), 0, 16);
  210. }
  211. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!