- <?php
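/**
 * Mark the current visitor as logged in.
 *
 * Derives three per-login tokens and stores each one twice: in $_SESSION
 * (susername, sid, sauth) and in a one-hour cookie (cusername, cid, cauth).
 * The salt is not kept anywhere, so the tokens can only be checked by
 * comparing a cookie with the session copy issued alongside it.
 *
 * @param string $username Name of the account that just authenticated.
 * @return void
 */
function createsessions($username)
{
    // session_register() was removed in PHP 5.4 and, called without
    // arguments, registered nothing; all this function needs is an open session.
    if (session_id() === '') {
        session_start();
    }

    // Issue a fresh session id at the privilege change so an id that was
    // fixed before login is not carried into the authenticated session.
    session_regenerate_id(true);

    // uniqid(rand(), true) is derived from the clock and a non-cryptographic
    // PRNG; take the salt from a CSPRNG instead (random_bytes needs PHP 7).
    $salt = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : bin2hex(openssl_random_pseudo_bytes(16));

    // hash()'s third parameter is the raw-output flag, not a salt. Passing
    // the salt there left it out of the digest and switched the output to
    // raw bytes, so the salt is concatenated into the data instead.
    $tokens = array(
        'username' => hash('sha512', $username . $salt),
        'id'       => hash('sha512', session_id() . $salt),
        'auth'     => hash('sha512', 'yes' . $salt),
    );

    $expires = time() + 3600;
    $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

    foreach ($tokens as $key => $value) {
        // Path and domain stay at their defaults, as before; HttpOnly keeps
        // the tokens out of reach of page scripts, Secure is set on HTTPS.
        setcookie('c' . $key, $value, $expires, '', '', $secure, true);
        $_SESSION['s' . $key] = $value;
    }
}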
/**
 * Log the visitor out: drop the three login values from the session,
 * destroy the session, and expire the three matching login cookies.
 *
 * NOTE(review): only cusername, cid and cauth are expired here; the PHP
 * session cookie itself is left for the browser to discard.
 *
 * @return void
 */
function deletesessions()
{
    foreach (array('susername', 'sid', 'sauth') as $sessionKey) {
        unset($_SESSION[$sessionKey]);
    }

    session_unset();
    session_destroy();

    // An expiry time in the past tells the browser to delete the cookie.
    $expired = time() - 3600;
    foreach (array('cusername', 'cid', 'cauth') as $cookieName) {
        setcookie($cookieName, '', $expired);
    }
}
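/**
 * Check a username/password pair against the `users` table.
 *
 * Both values are hashed with SHA-512 and a fixed salt, and the digests
 * are matched against the `username` and `password` columns.
 *
 * NOTE(review): a single fast SHA-512 pass with salts shared by every
 * account is weak password storage; password_hash()/password_verify()
 * with a stored per-user hash is the replacement to plan for.
 * NOTE(review): the mysql_* functions were removed in PHP 7. When this is
 * ported, use mysqli or PDO prepared statements on an explicit connection.
 *
 * @param string $username Submitted user name.
 * @param string $password Submitted password.
 * @return bool True when exactly one matching row exists.
 */
function login($username, $password)
{
    // Request parameters can arrive as arrays (username[]=...); anything
    // that is not a string cannot be a valid credential.
    if (!is_string($username) || !is_string($password)) {
        return false;
    }

    // Use the arguments the caller passed instead of re-reading $_POST.
    // The stripslashes/escape step is kept so the digests stay comparable
    // with rows stored under the same normalisation - TODO confirm against
    // the registration code, then drop it.
    $username = mysql_real_escape_string(stripslashes($username));
    $password = mysql_real_escape_string(stripslashes($password));

    $salt = '10367001714ecbe6c5f01862.28316256';
    $salt2 = '10868308824ecbe6c5f01750.38838567';
    $eusername = hash("sha512", $username . $salt2);
    $epassword = hash("sha512", $password . $salt);

    // The earlier lookup of `usernamesalt` and `passwordsalt` is gone: it
    // selected the two columns joined by AND (one boolean column, not two
    // values) and its result was never used in the check below.

    // Only hex digests are interpolated here, never the raw input.
    $check = mysql_query("SELECT * FROM `users` WHERE username='".$eusername."' and password='".$epassword."' LIMIT 1");
    if ($check === false) {
        // A failed query must count as a failed login.
        return false;
    }

    return mysql_num_rows($check) === 1;
}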
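/**
 * Decide whether the current request is authenticated.
 *
 * A request passes when each login cookie (cusername, cid, cauth) equals
 * the session value it was issued with (susername, sid, sauth). Otherwise
 * the posted credentials, if any, are checked with login(): success opens
 * a new login via createsessions(), failure clears the login state via
 * deletesessions().
 *
 * @return bool True when the visitor is authenticated.
 */
function checkauth()
{
    // The previous check read the undefined $_COOKIES array and the bare
    // word session_id, and compared the username cookie with the raw POST
    // value, so it could never succeed. Each cookie is now compared with
    // its session counterpart.
    $pairs = array('susername' => 'cusername', 'sid' => 'cid', 'sauth' => 'cauth');
    $sessionValid = true;

    foreach ($pairs as $sessionKey => $cookieKey) {
        if (!isset($_SESSION[$sessionKey], $_COOKIE[$cookieKey])
            || !is_string($_SESSION[$sessionKey])
            || !is_string($_COOKIE[$cookieKey])
            || $_SESSION[$sessionKey] === ''
        ) {
            $sessionValid = false;
            break;
        }

        // Constant-time comparison where available (hash_equals: PHP 5.6+).
        $same = function_exists('hash_equals')
            ? hash_equals($_SESSION[$sessionKey], $_COOKIE[$cookieKey])
            : $_SESSION[$sessionKey] === $_COOKIE[$cookieKey];

        if (!$same) {
            $sessionValid = false;
            break;
        }
    }

    if ($sessionValid) {
        return true;
    }

    // No valid login yet: only try the credentials when both fields were
    // actually posted as strings.
    if (isset($_POST['username'], $_POST['password'])
        && is_string($_POST['username'])
        && is_string($_POST['password'])
        && login($_POST['username'], $_POST['password'])
    ) {
        createsessions($_POST['username']);
        return true;
    }

    deletesessions();
    return false;
}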
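/**
 * Print the login form, which posts `username` and `password` to login.php.
 *
 * NOTE(review): the form carries no anti-CSRF token, and nothing here
 * forces the POST onto HTTPS; both have to be handled by the page that
 * includes it.
 *
 * @return void
 */
function loginform()
{
    // The password field was type='text', which shows the password on
    // screen as it is typed; type='password' masks it.
    echo "
<form method='POST' action='login.php'>
<input type='text' name='username'><br>
<input type='password' name='password'>
<input type='submit' name='login' value='Submit'>
</form>";
}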
- ?>