Ejemplo n.º 1
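/**
 * Looks $password up in `classes` and, when a row already carries it, draws a
 * replacement from generateRandomString() and checks that value as well.
 *
 * Uses the legacy mysql_* extension (removed in PHP 7) on its default
 * connection, exactly as the original did.
 *
 * NOTE(review): the lookup matches the `password` column against the raw value,
 * so the column presumably stores passwords unhashed -- confirm against the
 * schema.
 * NOTE(review): the replacement value is never handed back, so the caller
 * cannot learn which password ended up unused -- confirm the intended contract.
 *
 * @param string $password Candidate password to look up.
 * @return void
 */
function passwordCheck($password)
{
    // The value lands inside a quoted SQL literal, so escape it before interpolating.
    $escaped = mysql_real_escape_string($password);
    $pwcheck = mysql_query("SELECT `id` FROM `classes` WHERE `password` = '{$escaped}'");
    if ($pwcheck === false) {
        // The query failed; there is no result set to count.
        return;
    }
    if (mysql_num_rows($pwcheck) != 0) {
        $password = generateRandomString();
        // Re-check the replacement. The original call passed no argument at all.
        passwordCheck($password);
        return;
    }
}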
Ejemplo n.º 2
<?php

include 'php_modules/modules.php';
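if (!isset($_COOKIE['sessionuid'])) {
    // No session cookie yet: this request has to carry the password.
    // NOTE(review): only the presence of `sessionuid` is tested here; where its
    // value is validated is not visible in this snippet -- confirm.
    $password = isset($_POST['pass']) ? $_POST['pass'] : null;
    // NOTE(review): the loose == also matches a boolean true return (and an
    // integer 0 before PHP 8); switch to === once the return type of
    // passwordCheck() is confirmed.
    if (passwordCheck($password) == "f") {
        //echo '<script>window.location.assign("http://bluestore.co")</script>';
        // Expire the binding cookie, send the visitor back to the login page and
        // stop here, so the markup below is not sent along with the redirect.
        setcookie("ccookie", "", time() - 86400 * 30, "/");
        header('Location: index.php');
        exit;
    }
    // HTTP 1.1.
    header('Cache-Control: no-cache, no-store, must-revalidate');
    // HTTP 1.0.
    header('Pragma: no-cache');
    // Proxies.
    header('Expires: 0');
} else {
    // `ccookie` is expected to decrypt to the client address followed by the
    // User-Agent header. Both cookie and header may be absent from a request.
    $cookieValue = isset($_COOKIE['ccookie']) ? $_COOKIE['ccookie'] : '';
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $expectedBinding = $_SERVER['REMOTE_ADDR'] . $userAgent;
    if (encrypt_decrypt('decrypt', $cookieValue) !== $expectedBinding) {
        // Binding mismatch: redirect and stop before any page content is produced.
        header('Location: https://bluestore.co/logOutRedirect.php');
        exit;
    }
}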
?>
<!DOCTYPE html>
<html>
	<head>
		<title>
			Blue Store
		</title>

		<!-- Javascript -->
		<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
Ejemplo n.º 3
require_once dirname(__FILE__) . DS . '../../src/connection.php';
require_once dirname(__FILE__) . DS . '../../src/protectCSRF.php';
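if ($_POST) {
    // Read only the three expected fields. extract($_POST) would let any
    // request key define or overwrite a variable in this scope.
    $token = isset($_POST['token']) ? $_POST['token'] : null;
    $email = isset($_POST['email']) ? $_POST['email'] : null;
    $senha = isset($_POST['senha']) ? $_POST['senha'] : null;
    // NOTE(review): the return value is ignored, so checkTokenIsValid()
    // presumably ends the request itself on a bad CSRF token -- confirm.
    checkTokenIsValid($token);
    $email = antiInjection($email);
    // NOTE(review): if antiInjection() strips or rewrites characters, the
    // password that gets verified differs from the one typed -- confirm.
    $senha = antiInjection($senha);
    // Fetch the stored password hash for this e-mail address.
    $hash = getUserHash($email);
    // Check the submitted password against the stored hash.
    // passwordCheck() takes its input as a single array.
    $dataPasswordVerify = ['email' => $email, 'senha' => $senha, 'hash' => $hash];
    if (passwordCheck($dataPasswordVerify) === false) {
        header('Location: ' . SITE_URL . 'index.php');
    } else {
        header('Location: ' . SITE_URL . 'dashboard.php');
    }
} else {
    // Not a form submission: back to the login page.
    header('Location: ' . SITE_URL . 'index.php');
}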
/**
* Função para verificar se a senha digitada é a correta
* e verifica se houve alteração no algoritmo de HASH do PHP
* Caso positivo, altera o algoritmo de HASH
* (esse procedimento não impede o acesso do usuário)
*/
//function passwordCheck($email, $senha, $hash)
function passwordCheck($params)
Ejemplo n.º 4
include 'dbconn.php';
?>
<!DOCTYPE html>
<html>
<head>
	<title>Check DB</title>
		<link rel="stylesheet" href="../css/register/style.css" />
</head>
<body>

<?php 
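// Accept the two fields only when both arrived as strings. A missing or
// array-valued field is handled as a failed retype check.
$join_password = (isset($_POST['password']) && is_string($_POST['password']))
    ? $_POST['password']
    : null;
$join_passwordcheck = (isset($_POST['passwordCheck']) && is_string($_POST['passwordCheck']))
    ? $_POST['passwordCheck']
    : null;
if ($join_password === null || $join_passwordcheck === null) {
    // Without this guard two absent fields compare equal inside
    // passwordCheck() and the request moves on to emailcheck().
    errorform('password');
} else {
    // First check if password retype is valid.
    passwordCheck($join_password, $join_passwordcheck);
}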
?>

</body>
</html>


<?php 
//Functions
function passwordCheck($original, $check)
{
    if ($original != $check) {
        errorform('password');
    } else {
        emailcheck();
    }
Ejemplo n.º 5
<?php

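session_start();
// NOTE(review): the database root account and its password are hard-coded
// here; a dedicated low-privilege account loaded from configuration kept
// outside the web root would limit what this page can reach.
$con = mysqli_connect("localhost", "root", "root", "rent_a_car");
// mysqli_connect_errno() takes no parameters.
if (!$con || mysqli_connect_errno()) {
    // Keep the driver's detail in the server log, not in the response, and
    // stop: every statement below needs a live connection.
    error_log("Failed to connect to MySQL: " . mysqli_connect_error());
    echo "Failed to connect to MySQL";
    exit;
}
if (isset($_POST["userid"]) && isset($_POST["password"])) {
    // NOTE(review): every account row, password column included, is read and
    // filtered in PHP; a prepared statement with `WHERE USERNAME = ?` would
    // fetch only the matching row.
    $accounts = mysqli_query($con, 'SELECT * FROM account');
    while ($row = mysqli_fetch_array($accounts)) {
        // Strict comparison: with == two numeric-looking strings such as
        // "1e3" and "1000" are treated as equal.
        if ($row['USERNAME'] === $_POST["userid"]) {
            passwordCheck($row);
        }
    }
    // NOTE(review): this redirect is sent whether or not a row matched;
    // welcome.php presumably checks $_SESSION itself -- confirm.
    header('Location: http://localhost:8888/CarRental/welcome.php');
}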
function passwordCheck($toCheck)
{
    $con = mysqli_connect("localhost", "root", "root", "rent_a_car");
    if ($toCheck['PASSWORD'] == $_POST["password"]) {
        $_SESSION['type'] = $toCheck['TYPE'];
        //change this to whatever type account is
        $_SESSION['name'] = $toCheck['USERNAME'];
        if ($_SESSION['type'] == 'C') {
            $account = mysqli_query($con, 'SELECT * FROM customer INNER JOIN account ON customer.CID=account.ACCOUNTID WHERE account.USERNAME = "******"');
            $info = mysqli_fetch_array($account);
            $_SESSION['id'] = $info['CID'];
        } elseif ($_SESSION['type'] == 'E' || $_SESSION['type'] == 'A') {
            $account = mysqli_query($con, 'SELECT * FROM employee INNER JOIN account ON employee.EID=account.ACCOUNTID WHERE account.USERNAME = "******"');
            $info = mysqli_fetch_array($account);
            $_SESSION['id'] = $info['EID'];
Ejemplo n.º 6
     }
 }
 # https://github.com/easy-wi/developer/issues/2
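 if (!isset($active)) {
     // $active is still unset here, so presumably no account matched before
     // this point; look the login name up among the substitute users.
     $query = $sql->prepare("SELECT * FROM `userdata_substitutes` WHERE `loginName`=? LIMIT 1");
     $query->execute(array($ui->username('username', 255, 'post')));
     while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
         $mail = '';
         $externalID = 0;
         $sID = $row['sID'];
         $id = $row['userID'];
         $username = $row['loginName'];
         $active = $row['active'];
         $resellerid = $row['resellerID'];
         $accounttype = 'v';
         $passwordCorrect = passwordCheck($password, $row['passwordHashed'], $row['loginName'], $row['salt']);
         // Any result other than true/false is stored back as the substitute's
         // new credential data.
         if ($passwordCorrect !== true and $passwordCorrect !== false) {
             // Branch on the value that is actually written below. The original
             // tested $newHash, which this fragment never assigns.
             // A separate statement handle keeps $query, which the enclosing
             // while loop is still fetching from, untouched.
             if (is_array($passwordCorrect)) {
                 $update = $sql->prepare("UPDATE `userdata_substitutes` SET `passwordHashed`=?,`salt`=? WHERE `sID`=? LIMIT 1");
                 $update->execute(array($passwordCorrect['hash'], $passwordCorrect['salt'], $sID));
             } else {
                 $update = $sql->prepare("UPDATE `userdata_substitutes` SET `passwordHashed`=? WHERE `sID`=? LIMIT 1");
                 $update->execute(array($passwordCorrect, $sID));
             }
         }
     }
 }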
 if (!isset($sID) and isset($active) and $active == 'Y' and isset($passwordCorrect) and $passwordCorrect === false) {
     $authLookupID = $resellerid == $id ? 0 : $resellerid;
     $query = $sql->prepare("SELECT `active`,`ssl`,`user`,`domain`,AES_DECRYPT(`pwd`,?) AS `decryptedPWD`,`file` FROM `api_external_auth` WHERE `resellerID`=? LIMIT 1");
     $query->execute(array($aeskey, $authLookupID));
Ejemplo n.º 7
<?php

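// Login handler: looks the user up by name, verifies the password and stores
// the outcome in the session before redirecting.
if (!session_id()) {
    session_start();
}
include "functions.php";
include "connect.php";
// Missing or non-string fields (e.g. username[]=x) fall back to an empty string.
$username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
$sql = "SELECT username, hashed_password, first_name, last_name FROM users WHERE username = :username LIMIT 1";
$statement = $db->prepare($sql);
$statement->bindParam(':username', $username);
$statement->execute();
if ($user = $statement->fetch()) {
    if (passwordCheck($password, $user['hashed_password'])) {
        // successful login, redirect to dashboard
        // Issue a fresh session ID first, so an identifier that existed before
        // authentication is not reused for the logged-in session.
        session_regenerate_id(true);
        $_SESSION['username'] = $username;
        $_SESSION['login_error'] = false;
        $_SESSION['first_name'] = $user['first_name'];
        $_SESSION['last_name'] = $user['last_name'];
        header("Location: ../public/dashboard.php");
    } else {
        // password is incorrect
        $_SESSION['login_error'] = true;
        header("Location: ../public/index.php");
    }
} else {
    // username is incorrect; same flag and redirect as a wrong password, so the
    // response does not reveal which of the two was wrong
    $_SESSION['login_error'] = true;
    header("Location: ../public/index.php");
}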