API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 4th, 2016
107
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.53 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. // This if statement checks to determine whether the registration form has been submitted
  4. // If it has, then the registration code is run, otherwise the form is displayed
  5. if(!empty($_POST))
  6. {
  7. // Ensure that the user has entered a non-empty username
  8. if(empty($_POST['username']))
  9. {
  10. // Note that die() is generally a terrible way of handling user errors
  11. // like this. It is much better to display the error with the form
  12. // and allow the user to correct their mistake. However, that is an
  13. // exercise for you to implement yourself.
  14. die("<div class='red'>Please enter a username.</div>");
  15. }
  16.  
  17. // Ensure that the user has entered a non-empty password
  18. if(empty($_POST['password']))
  19. {
  20. die("<div class='red'>Please enter a password.</div>");
  21. }
  22.  
  23. // Make sure the user entered a valid E-Mail address
  24. // filter_var is a useful PHP function for validating form input, see:
  25. // http://us.php.net/manual/en/function.filter-var.php
  26. // http://us.php.net/manual/en/filter.filters.php
  27. if(!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL))
  28. {
  29. die("<div class='red'>Invalid E-Mail Address</div>");
  30. }
  31.  
  32. // We will use this SQL query to see whether the username entered by the
  33. // user is already in use. A SELECT query is used to retrieve data from the database.
  34. // :username is a special token, we will substitute a real value in its place when
  35. // we execute the query.
  36. $query = "
  37. SELECT
  38. 1
  39. FROM users
  40. WHERE
  41. username = :username
  42. ";
  43.  
  44. // This contains the definitions for any special tokens that we place in
  45. // our SQL query. In this case, we are defining a value for the token
  46. // :username. It is possible to insert $_POST['username'] directly into
  47. // your $query string; however doing so is very insecure and opens your
  48. // code up to SQL injection exploits. Using tokens prevents this.
  49. // For more information on SQL injections, see Wikipedia:
  50. // http://en.wikipedia.org/wiki/SQL_Injection
  51. $query_params = array(
  52. ':username' => $_POST['username']
  53. );
  54.  
  55. try
  56. {
  57. // These two statements run the query against your database table.
  58. $stmt = $db->prepare($query);
  59. $result = $stmt->execute($query_params);
  60. }
  61. catch(PDOException $ex)
  62. {
  63. // Note: On a production website, you should not output $ex->getMessage().
  64. // It may provide an attacker with helpful information about your code.
  65. die("<div class='red'>Failed to run query: </div>" . $ex->getMessage());
  66. }
  67.  
  68. // The fetch() method returns an array representing the "next" row from
  69. // the selected results, or false if there are no more rows to fetch.
  70. $row = $stmt->fetch();
  71.  
  72. // If a row was returned, then we know a matching username was found in
  73. // the database already and we should not allow the user to continue.
  74. if($row)
  75. {
  76. die("<div class='red'>This username is already in use</div>");
  77. }
  78.  
  79. // Now we perform the same type of check for the email address, in order
  80. // to ensure that it is unique.
  81. $query = "
  82. SELECT
  83. 1
  84. FROM users
  85. WHERE
  86. email = :email
  87. ";
  88.  
  89. $query_params = array(
  90. ':email' => $_POST['email']
  91. );
  92.  
  93. try
  94. {
  95. $stmt = $db->prepare($query);
  96. $result = $stmt->execute($query_params);
  97. }
  98. catch(PDOException $ex)
  99. {
  100. die("<div class='red'>Failed to run query: </div>" . $ex->getMessage());
  101. }
  102.  
  103. $row = $stmt->fetch();
  104.  
  105. if($row)
  106. {
  107. die("<div class='red'>This email address is already registered</div>");
  108. }
  109.  
  110. // An INSERT query is used to add new rows to a database table.
  111. // Again, we are using special tokens (technically called parameters) to
  112. // protect against SQL injection attacks.
  113. $query = "
  114. INSERT INTO users (
  115. username,
  116. password,
  117. salt,
  118. email
  119. ) VALUES (
  120. :username,
  121. :password,
  122. :salt,
  123. :email
  124. )
  125. ";
  126.  
  127. // A salt is randomly generated here to protect again brute force attacks
  128. // and rainbow table attacks. The following statement generates a hex
  129. // representation of an 8 byte salt. Representing this in hex provides
  130. // no additional security, but makes it easier for humans to read.
  131. // For more information:
  132. // http://en.wikipedia.org/wiki/Salt_%28cryptography%29
  133. // http://en.wikipedia.org/wiki/Brute-force_attack
  134. // http://en.wikipedia.org/wiki/Rainbow_table
  135. $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
  136.  
  137. // This hashes the password with the salt so that it can be stored securely
  138. // in your database. The output of this next statement is a 64 byte hex
  139. // string representing the 32 byte sha256 hash of the password. The original
  140. // password cannot be recovered from the hash. For more information:
  141. // http://en.wikipedia.org/wiki/Cryptographic_hash_function
  142. $password = hash('sha256', $_POST['password'] . $salt);
  143.  
  144. // Next we hash the hash value 65536 more times. The purpose of this is to
  145. // protect against brute force attacks. Now an attacker must compute the hash 65537
  146. // times for each guess they make against a password, whereas if the password
  147. // were hashed only once the attacker would have been able to make 65537 different
  148. // guesses in the same amount of time instead of only one.
  149. for($round = 0; $round < 65536; $round++)
  150. {
  151. $password = hash('sha256', $password . $salt);
  152. }
  153.  
  154. // Here we prepare our tokens for insertion into the SQL query. We do not
  155. // store the original password; only the hashed version of it. We do store
  156. // the salt (in its plaintext form; this is not a security risk).
  157. $query_params = array(
  158. ':username' => $_POST['username'],
  159. ':password' => $password,
  160. ':salt' => $salt,
  161. ':email' => $_POST['email']
  162. );
  163.  
  164. try
  165. {
  166. // Execute the query to create the user
  167. $stmt = $db->prepare($query);
  168. $result = $stmt->execute($query_params);
  169. }
  170. catch(PDOException $ex)
  171. {
  172. // Note: On a production website, you should not output $ex->getMessage().
  173. // It may provide an attacker with helpful information about your code.
  174. die("<div class='red'>Failed to run query:</div> " . $ex->getMessage());
  175. }
  176.  
  177. // This redirects the user back to the login page after they register
  178. header("Location: /login");
  179.  
  180. // Calling die or exit after performing a redirect using the header function
  181. // is critical. The rest of your PHP script will continue to execute and
  182. // will be sent to the user if you do not die or exit.
  183. die("Redirecting to /login");
  184. }
  185.  
  186. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!