- <?php
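// Resume the session; the customer's cellphone number is read from
// $_SESSION['inputCellphone'] further down.
// The commented-out print_r($_POST) debug call was removed: re-enabling it would
// echo the submitted plaintext password into the response.
session_start();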
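/**
 * Build a random salt string.
 *
 * Adapted from http://code.activestate.com/recipes/576894-generate-a-salt/
 * (@author AfroSoft).
 *
 * Characters are drawn with random_int(), which is backed by the operating
 * system's CSPRNG. The original used mt_rand(), whose output is predictable
 * and therefore unsuitable for values that protect stored passwords.
 *
 * @param int $max Number of characters to generate; a value below 1 yields ''.
 * @return string Salt of $max characters taken from a fixed 70-character alphabet.
 */
function generateSalt($max = 64) {
    $characterList = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%&*?';
    $lastIndex = strlen($characterList) - 1;
    $salt = '';
    for ($i = 0; $i < $max; $i++) {
        // Square-bracket offset: the curly-brace form $str{n} was removed in PHP 8.
        $salt .= $characterList[random_int(0, $lastIndex)];
    }
    return $salt;
}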
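/*-------------------------------------------------------------
Form data
-------------------------------------------------------------*/
// Absent fields fall back to '' / null so they are rejected below instead of
// raising undefined-index notices and flowing into the query.
$username = $_POST['userusername'] ?? '';
$password = $_POST['userpassword'] ?? '';
$confirm = $_POST['userconfirm'] ?? '';
$CustomerCellphone = $_SESSION['inputCellphone'] ?? null;

// Array-valued POST fields (e.g. userpassword[]=x) are rejected by the is_string checks.
if (!is_string($username) || !is_string($password) || !is_string($confirm)
    || $username === '' || $password === ''
    || !is_scalar($CustomerCellphone) || (string) $CustomerCellphone === '') {
    http_response_code(400);
    die('Missing registration data.');
}

// The original tested `!$link && $password != $confirm`, so a mismatched
// confirmation was only rejected when the database connection had also failed.
// The confirmation is now checked on its own, before any hashing or DB work.
if ($password !== $confirm) {
    http_response_code(400);
    die('Passwords do not match.');
}

/*-------------------------------------------------------------
Salting and Hashing
-------------------------------------------------------------*/
$user_salt = generateSalt(); // Per-user random salt from the function above
// NOTE(review): a single salted SHA-512 pass is cheap to brute-force offline.
// The scheme is kept so that stored values stay compatible with whatever code
// verifies logins (not shown here); moving to password_hash()/password_verify()
// needs a matching change on that side.
$hashed_pwd = hash('sha512', $user_salt . $password);

/*-------------------------------------------------------------
Database settings
Read from the server environment ($_SERVER), as the original header
comment intended, instead of being written into this file. The key
names below are this script's own choice; define them in server
configuration that is not served or committed.
The host, account and password that were previously inline here have
been published with the file and should be treated as compromised:
rotate them, and connect with a dedicated least-privilege account
rather than root.
-------------------------------------------------------------*/
$db_host = $_SERVER['DB_HOST'] ?? null;
$db_user = $_SERVER['DB_USER'] ?? null;
$db_pass = $_SERVER['DB_PASS'] ?? null;
$db_name = $_SERVER['DB_NAME'] ?? 'AromaDB';
$db_port = (int) ($_SERVER['DB_PORT'] ?? 3306);

if ($db_host === null || $db_user === null || $db_pass === null) {
    error_log('Customer registration: database settings are not configured');
    http_response_code(500);
    die('Could Not Connect');
}

// Make mysqli throw on failure on every PHP version, so errors cannot be
// silently ignored and are handled in one place.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/*-------------------------------------------------------------
Connect to the DB, or stop
-------------------------------------------------------------*/
try {
    $link = mysqli_connect($db_host, $db_user, $db_pass, $db_name, $db_port);
} catch (mysqli_sql_exception $e) {
    // Details go to the server log only; the driver message is not shown to the client.
    error_log('Customer registration: DB connection failed: ' . $e->getMessage());
    http_response_code(500);
    die('Could Not Connect');
}

/*-------------------------------------------------------------
Inserting Data
-------------------------------------------------------------*/
// Every request-derived value is bound as a parameter. The original interpolated
// $username (quoted) and $CustomerCellphone (unquoted) straight into the SQL text,
// which allowed SQL injection.
$insert = 'INSERT INTO `AromaDB`.`Customer_Login`(`CUsername`, `CPassword`, `Customer_ID`, `C_Salt`) '
    . 'VALUES (?, ?, (SELECT Customer_ID FROM Customer WHERE CCellphone = ?), ?)';
$cellphone = (string) $CustomerCellphone;

try {
    $stmt = mysqli_prepare($link, $insert);
    mysqli_stmt_bind_param($stmt, 'ssss', $username, $hashed_pwd, $cellphone, $user_salt);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
} catch (mysqli_sql_exception $e) {
    error_log('Customer registration: insert failed: ' . $e->getMessage());
    mysqli_close($link);
    http_response_code(500);
    die('Error while trying to insert data');
}

mysqli_close($link); // Closing the connection to the database

// No output may precede header(); the original echoed a success message first,
// which prevents the redirect unless output buffering is enabled.
header("location: Index.html");
exit;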