Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include('conn.php');
- include('settings.php');
- class login
- {
- function __construct($user, $pass){
- $this->login($user, $pass);
- }
- function login($user, $pass){
- //connect to mysql
- $mysqli = connect();
- //password protection i.e. salting
- $pass = $this->hash_n_salt($pass, $user);
- //protect me and the database
- $user = $mysqli->real_escape_string($user);
- $pass = $mysqli->real_escape_string($pass);
- $sql = "SELECT `username`, `rank`, `language` FROM ".USERS_TABLE." WHERE `username` = '".$user."' AND `password` = '".$pass."' LIMIT 1";
- $r = $mysqli->query($sql);
- if($r->num_rows > 0){
- //login successful
- header("Location: welcome.php");
- exit;
- }else{
- //login failed
- echo "you is n00bz! i 133t! moahaha";
- exit;
- }
- }
- function hash_n_salt($pass, $user, $method = 'sha1'){
- $pass = utf8_encode($pass);
- $user = utf8_encode($user);
- //static salt
- $salt_stat = range('a', 'z');
- $salt_stat .= strtoupper($salt_stat);
- $salt_stat .= range(0, 284); //helt random nummer :P
- //dynamic salt
- $salt_dyn = strtolower($pass).strtolower($user);
- $salt_dyn .= strtoupper($user.$salt_dyn).strtoupper($pass);
- $salt_dyn .= substr($pass.$salt_dyn, round(ord($pass)/2));
- $salt_dyn .= sha1($salt_dyn);
- $new_pass = '';
- if($method == 'sha1')
- $new_pass = sha1($salt_stat.$pass.$salt_dyn.$user);
- else
- $new_pass = md5($salt_stat.$pass.$salt_dyn.$user);
- return $new_pass;
- }
- // job done, close class
- }
- ?>
Add Comment
Please, Sign In to add comment
