
Untitled

a guest
Oct 12th, 2016
  1. <?php
  2. session_start();
  3. //print_r($_POST);
  4. /*-------------------------------------------------------------
  5.   The generateSalt function was gotten from http://code.activestate.com/recipes/576894-generate-a-salt/
  6.   @author AfroSoft
  7. -------------------------------------------------------------*/
  8.  
  9. function generateSalt($max = 64) {
  10.   $characterList = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%&*?";
  11.   $i = 0;
  12.   $salt = "";
  13.   while ($i < $max) {
  14.       $salt .= $characterList{mt_rand(0, (strlen($characterList) - 1))};
  15.       $i++;
  16.   }
  17.   return $salt;
  18. }
  19.  
  20. /*-------------------------------------------------------------
  21.  Form data
  22. -------------------------------------------------------------*/
  23. $username = $_POST['userusername'];
  24. $password = $_POST['userpassword'];
  25. $confirm = $_POST['userconfirm'];
  26. $CustomerCellphone = $_SESSION['inputCellphone'];
  27.  
  28. /*-------------------------------------------------------------
  29.  Salting and Hashing
  30. -------------------------------------------------------------*/
  31.  
  32. $user_salt = generateSalt(); // Generates a salt from the function above
  33. $combo = $user_salt . $password; // Appending user password to the salt
  34. $hashed_pwd = hash('sha512',$combo);// Using SHA512 to hash the salt+password combo string4
  35.  
  36. /*-------------------------------------------------------------
  37.  Database stuff starts from here,  
  38.  MySQL Server Info is gotten from the $_SERVER variable
  39.  (assuming we have the path to the file containing the
  40.  DB credentials in our .htaccess file)  
  41. -------------------------------------------------------------*/
  42.  
  43. //$db_host = $_SERVER['localhost'];
  44. //$db_user = $_SERVER['root'];
  45. //$db_pass = $_SERVER['1234'];
  46. //$db_name = $_SERVER['employee'];
  47.  
  48. /*-------------------------------------------------------------
  49.  Checks the connection to the DB has been made.
  50.  If successful selects the database to be used, else exits
  51. -------------------------------------------------------------*/
  52.  
  53. $link = mysqli_connect('52.40.52.130:3306','root','sitem123!', 'AromaDB');
  54. if(!$link && $password != $confirm)
  55. {
  56.   die("Could Not Connect:".mysqli_error());
  57. }
  58. else {
  59.  
  60.     /*-------------------------------------------------------------
  61.      Inserting Data
  62.     -------------------------------------------------------------*/
  63.  
  64.  
  65.     $insert = "INSERT INTO `AromaDB`.`Customer_Login`(`CUsername`, `CPassword`, `Customer_ID`, `C_Salt`) VALUES ('$username','$hashed_pwd', (SELECT Customer_ID FROM Customer WHERE CCellphone = $CustomerCellphone), '$user_salt')";
  66.     $Cust = mysqli_query($link, $insert) or die('Error while trying to insert data' . mysqli_error($link));
  67.     mysqli_close($link);
  68.     echo 'Customer Successfully added.';//Closing the connection to the database
  69.     header("location: Index.html");
  70. }