Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include("connect.php");
- if(isset($_POST["login"])){
- $sql = "SELECT kundid, username, password, salt FROM kund WHERE username = "
- . "'$_POST[username]'";
- $result = $conn->query($sql);
- if (!empty($result)){
- while($row = $result->fetch_assoc()){
- $db_password = $row["password"];
- $salt = $row["salt"];
- $kundid = $row["kundid"];
- $saltat_pass = hash("sha256",$_POST['password'].$salt);
- if (strcmp($db_password,$saltat_pass)==0){
- $_SESSION["kund"] = $kundid;
- } else{
- echo " användarnamnet och lösenordet stämmer inte";}
- }
- }
- }
- if(isset($_POST["create"])){
- $salt = createSalt();
- $password = hash("sha256",$_POST['password'].$salt);
- $sql =
- "INSERT INTO kund (username, password, fnamn, enamn, adress, postn, stad, salt )
- VALUES ('$_POST[username]',
- '$password',
- '$_POST[fnamn]',
- '$_POST[enamn]',
- '$_POST[adress]',
- '$_POST[postn]',
- '$_POST[stad]',
- '$salt'
- )";
- $conn->query($sql);
- }
- function createSalt(){
- return "foo1";
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
