Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $salt = 'csdnfgksdgojnmfnb';
- $password = md5($salt.$_POST['password']);
- $result = mysql_query("SELECT id FROM users
- WHERE username = '".mysql_real_escape_string($_POST['username'])."'
- AND password = '$password'");
- if (mysql_num_rows($result) < 1) {
- /* Access denied */
- echo "The username or password you entered is incorrect.";
- } else {
- $_SESSION['id'] = mysql_result($result, 0, 'id');
- #header("Location: ./");
- echo "Hello $_SESSION[id]!";
- }
- require('PasswordHash.php');
- $pwdHasher = new PasswordHash(8, FALSE);
- // $hash is what you would store in your database
- $hash = $pwdHasher->HashPassword( $password );
- // $hash would be the $hashed stored in your database for this user
- $checked = $pwdHasher->CheckPassword($password, $hash);
- if ($checked) {
- echo 'password correct';
- } else {
- echo 'wrong credentials';
- }
- <?php
- // generates a 8 character hexadecimal CRC32 string
- function crc($o){
- return str_pad(dechex(crc32($o)), 8, 0, STR_PAD_LEFT);
- }
- $salt = crc(mt_rand() . time); // a unique fixed length salt
- $hash = sha1($password . $salt) . $salt; // generates a 40 character hash (32+8)
- ?>
- <?php
- $hash = $TheHashFromDatabase;
- $salt = substr($hash, -8);
- $generated_hash = sha1($_POST['user_pwd'] . $salt) . $salt;
- if($generated_hash == $hash){
- // logged in - password is correct
- }
- ?>
Add Comment
Please, Sign In to add comment