Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // saltIt.php
- <?php
- function saltIt($password, $salt=null)
- {
- $saltHash = array();
- $saltHash['salt'] = $salt;
- $saltHash['password'] = $password;
- $saltHash['saltedHash'] = null;
- $saltHash['privatKey'] = "
- PU-oD(FaiPloe>o2A9]IU&-r[F}{j=p<,@Y5N<3>66)i;r?}}#7{?XjZ7Lxp.t
- uI+sx:R7#(fRA(%0)[Hf*qx;;eoC8%rn/dXmv-n/p&a6?HkL<=nmSljv.P.M\&
- rj1ay]8*BjT>N@Wt:oDbCA?Y[6Yp{HZa;}jLO:aW)0X;?5)n@%D{zk:F\q>%i,
- 2,in*mUEfK(d8.[u0H(*k2_KVI\<,*7T23uqmNjvR).Q%R}D{9SC.MyUag+4X<
- UR_3gH&%Etg=Jy@ZK2xX)STxC5jl\dPetJc)MTD.15izLLQ&TBS={UKt83z{1Q
- v(TjoClVx[zj5lj<OvF_mq[GsAxa)kaizTnuJl!80l@XG?#iTl)IB7Jd(,3BSg
- jzJS\kL.F<45ESW?GDd37H4A3P}7<{Rx=:>OqM(wT]f]_sKS@(8];jPMQov*rp
- &S&eZQ+6bNN-<x=St/Aly3e{>;0STBR7m.V/7Fo8z@/6r<F9wvU66{Kxb-A&:@";
- if($saltHash['salt'] == null)
- {
- $saltHash['salt'] = microtime();
- $saltHash['salt'] = crc32($saltHash['salt']);
- $saltHash['salt'] = pack('N', $saltHash['salt']);
- $saltHash['salt'] = base64_encode($saltHash['salt']);
- $saltHash['salt'] = substr($saltHash['salt'], 0, 6);
- }
- else if(strpos($saltHash['salt'], "|") !== false)
- {
- $saltHash['salt'] = substr($saltHash['salt'], 0, strpos($saltHash['salt'], "|"));
- }
- $saltHash['saltedHash'] = $saltHash['salt'];
- $saltHash['saltedHash'].= "|";
- $saltHash['saltedHash'].= sha1($saltHash['privatKey']);
- $saltHash['saltedHash'].= sha1($saltHash['salt'].$saltHash['password']);
- return $saltHash['saltedHash'];
- }
- ?>
- // Login
- <?php
- ob_start();
- include_once("saltIt.php");
- include_once("config.inc.php");
- mysql_connect($database_host, $database_user, $database_password) or die ("Couldn't connect.");
- mysql_select_db($database_name) or die ("No database with this name.");
- $username = stripslashes(mysql_real_escape_string($_POST['username']));
- $password = stripslashes(mysql_real_escape_string($_POST['password']));
- $saltedHash = null;
- $databaseSaltedHash = null;
- $saltedHash = saltIt($password);
- $sql="SELECT password FROM users WHERE username='$username'";
- $result=mysql_query($sql);
- $databaseSaltedHash = mysql_fetch_object($result);
- $databaseSaltedHash = $databaseSaltedHash ->password;
- if(saltIt($password, $databaseSaltedHash) == $databaseSaltedHash)
- {
- session_register("username");
- echo "Successfully.";
- }
- else
- {
- echo "Failed.";
- }
- ob_end_flush();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement