Ejemplo n.º 1
 /**
  * Look up a user by name and test the supplied password against the stored hash.
  *
  * The lookup binds the username as a query parameter and is restricted to rows
  * whose status equals 1; at most one row is fetched.
  *
  * @param mixed $user Username bound to the :username placeholder.
  * @param mixed $pass Candidate password as supplied by the caller.
  * @return int|false  The row's id cast to int when verification succeeds, false otherwise.
  */
 public static function challenge_login($user, $pass)
 {
     $row = database::select('id, password')
         ->tables('user')
         ->where('username', '=', ':username')
         ->where('status', '=', 1, 'and')
         ->param(':username', $user)
         ->limit(1)
         ->execute()
         ->fetch();

     // No matching row: nothing to verify.
     if (!$row) {
         return false;
     }

     // NOTE(review): the SELECT lists `id, password`, yet the code below reads
     // ->uid and ->pass. Confirm the query layer really exposes those properties;
     // if it does not, verification runs against empty values.
     // NOTE(review): if bcrypt::verify wraps standard bcrypt, only the first 72
     // bytes of the input are hashed, so the salt and uid placed in front of the
     // password shrink the part of the password that counts - confirm.
     $candidate = user::config()->get('salt') . $row->uid . $pass;

     return bcrypt::verify($candidate, $row->pass) ? (int) $row->id : false;
 }
Ejemplo n.º 2
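 /**
  * Change the password of the user identified by $username.
  *
  * The 'password' input must match that user's current password hash; only then
  * is the 'newpassword' input hashed and stored. The caller is redirected to the
  * admin::user route in either case.
  *
  * @param UserRequest $request  Incoming request (presumably validated by UserRequest - confirm).
  * @param mixed       $username Username taken from the route.
  * @return mixed Redirect response to the admin::user route.
  */
 public function update_user(UserRequest $request, $username)
 {
     // firstOrFail() aborts the request when the username does not exist.
     $user = User::whereUsername($username)->firstOrFail();

     // 'password' carries the current password, 'newpassword' the replacement.
     $currentPassword = input::get('password');

     // Verify against, and write to, the record resolved from $username. The
     // previous code used a fixed record id (5) for both steps, so the route
     // parameter had no influence on which account's password was changed.
     // NOTE(review): nothing in this method checks that the caller is allowed to
     // change this user's password; presumably route middleware does - confirm.
     if (bcrypt::check($currentPassword, $user->password)) {
         $user->password = bcrypt::make(input::get('newpassword'));
         $user->save();
     } else {
         // NOTE(review): debug output ('gagal') kept as-is; it is emitted before
         // the redirect and should become a proper validation error.
         var_dump('gagal');
     }

     return redirect()->route('admin::user');
 }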
Ejemplo n.º 3
 /**
  * Insert a new user row into the `sys_usuarios` table.
  *
  * The password obtained from the model is passed through bcrypt::hash() before
  * it is placed in the row.
  *
  * @param usuariosModel $usuarios Source of the field values for the new row.
  * @return mixed true when the insert succeeds, otherwise the value of
  *               $this->db->getError(); nothing is returned when a dbException
  *               is caught.
  */
 public function inserir(usuariosModel $usuarios)
 {
     $hashedPassword = bcrypt::hash($usuarios->getSenha());

     $row = [
         'id_funcionario' => $usuarios->getFuncionario()->getId(),
         'id_nivel_acesso' => $usuarios->getNivelAcesso(),
         'email_usuario' => $usuarios->getEmail(),
         'login_usuario' => $usuarios->getLogin(),
         'senha_usuario' => $hashedPassword,
         'status_usuario' => $usuarios->getStatus(),
         'data_criacao_usuario' => $usuarios->getDataCadastro(),
     ];

     $this->db->clear();
     $this->db->setTabela('sys_usuarios');

     try {
         return $this->db->insert($row) ? true : $this->db->getError();
     } catch (dbException $e) {
         // NOTE(review): the database error text is written straight to the
         // response and the method then falls through without a return value;
         // callers cannot tell this apart from other outcomes, and the message
         // may expose schema details - consider logging instead.
         echo $e->getMessageError();
     }
 }
Ejemplo n.º 4
 // Password-change handler (excerpt: the closing brace of the outer else is not
 // part of the visible lines). It reads the user name from the session and three
 // fields from the POST body, checks the old password against the stored hash and,
 // on success, stores a hash of the new password.
 // NOTE(review): no anti-CSRF token is checked in the visible lines - confirm that
 // this is handled before this code runs.
 // NOTE(review): the $_POST entries are read without isset(); a missing field
 // raises a notice/warning and then compares equal to '' below.
 $user = $_SESSION['user'];
 $old_password_entered = $_POST['old_password'];
 $new_password_entered = $_POST['new_password'];
 $new_password_confirm = $_POST['new_password_confirm'];
 if ($old_password_entered == '' || $new_password_entered == '' || $new_password_confirm == '') {
     // At least one field is blank: send the browser back to index.php.
     header('Location: index.php');
 } else {
     if ($new_password_entered == $new_password_confirm) {
         // check_strong_password() is defined outside this excerpt.
         if (check_strong_password($new_password_entered)) {
             require_once $_SERVER['DOCUMENT_ROOT'] . '/config/db.php';
             // Prepared statement: the user name is bound, never concatenated into the SQL.
             $stmt = $GLOBALS['dbh']->prepare("SELECT password_hashed FROM `opsec_users` WHERE user = :user");
             $stmt->execute(array(':user' => $user));
             // NOTE(review): presumably a PDO statement; fetch() then yields false when
             // no row matches, and the array access on the next line is unguarded.
             $row = $stmt->fetch();
             $hashed_password_from_table = $row['password_hashed'];
             // 12 is presumably the bcrypt cost factor - confirm against the bcrypt class.
             $bcrypt = new bcrypt(12);
             // The old password must verify against the stored hash before anything is written.
             $password_correct = $bcrypt->verify($old_password_entered, $hashed_password_from_table);
             if ($password_correct) {
                 $hashed_pw = $bcrypt->genHash($new_password_entered);
                 $passwd_stmt = $GLOBALS['dbh']->prepare("UPDATE `opsec_users` SET `password_hashed` = :password_hashed WHERE `user` = :user");
                 $passwd_stmt->execute(array(':password_hashed' => $hashed_pw, ':user' => $user));
                 echo "Password updated successfully.";
             } else {
                 die("Old password not correct!");
             }
         } else {
             // New password rejected by check_strong_password(): stop without a message.
             die;
         }
     } else {
         die("New passwords do not match!");
     }
Ejemplo n.º 5
// Registration handler: creates a row in `opsec_users` when the submitted
// registration token exists and was issued less than twelve hours ago. The token
// row is deleted afterwards whether or not an account was created.
// $token_entered is assigned outside the visible lines.
$user_entered = strtolower($_POST['user']);
$password_entered = $_POST['password'];

if ($user_entered != '' && $password_entered != '' && $token_entered != '') {
    if (!check_strong_password($password_entered)) {
        // Password rejected by check_strong_password(): stop without a message.
        die;
    } else {
        require_once $_SERVER['DOCUMENT_ROOT'] . '/config/db.php';

        // Look the token up with a bound parameter.
        $token_stmt = $GLOBALS['dbh']->prepare("SELECT token, issued FROM `opsec_registration_tokens` WHERE token = :token");
        $token_stmt->execute([':token' => $token_entered]);
        // NOTE(review): presumably PDO; fetch() then yields false for an unknown
        // token and the two array reads below are unguarded.
        $row = $token_stmt->fetch();
        $token_from_table = $row['token'];
        $issued_epoch = strtotime($row['issued']);
        $twelve_hours_ago_epoch = strtotime('-12 hours');

        // Only a known token that is younger than twelve hours creates an account.
        if ($token_from_table != '' && $twelve_hours_ago_epoch < $issued_epoch) {
            // 12 is presumably the bcrypt cost factor - confirm against the bcrypt class.
            $bcrypt = new bcrypt(12);
            $hashed_pw = $bcrypt->genHash($password_entered);
            try {
                $stmt = $GLOBALS['dbh']->prepare("INSERT INTO `opsec_users`(user, password_hashed) VALUES (:user, :password_hashed)");
                $stmt->execute([':user' => $user_entered, ':password_hashed' => $hashed_pw]);
            } catch (Exception $e) {
                die("Error inserting into db");
            }
        }

        // The token is single-use: remove it, then return to the index page.
        $delete_token_stmt = $GLOBALS['dbh']->prepare("DELETE FROM `opsec_registration_tokens` WHERE token = :token");
        $delete_token_stmt->execute([':token' => $token_entered]);
        header('Location: index.php');
    }
} else {
    // Blank entries submitted
    header('Location: index.php');
}
Ejemplo n.º 6
}
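// Login handler. An already authenticated session goes straight to main.php;
// otherwise the posted credentials are checked against `opsec_users`, a login
// history row is written on success and the session is marked as logged in.
if (isset($_SESSION['user'])) {
    header('Location: main.php');
} else {
    require './libs/bcrypt.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/config/db.php';

    // A missing or non-string field (e.g. user[]=x) is treated as a blank
    // submission instead of raising a notice or reaching the hash check as an array.
    $user_entered = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
    $password_entered = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if ($user_entered == '' || $password_entered == '') {
        header('Location: index.php');
    } else {
        // Prepared statement: the user name is bound, never concatenated into the SQL.
        $stmt = $GLOBALS['dbh']->prepare("SELECT user, password_hashed FROM `opsec_users` WHERE user = :user");
        $stmt->execute(array(':user' => $user_entered));
        $row = $stmt->fetch();

        // No array comes back for an unknown user; read the columns only when a
        // row exists so the lookup fails cleanly rather than with warnings.
        $hashed_password_from_table = is_array($row) ? $row['password_hashed'] : null;
        $user_from_table = is_array($row) ? $row['user'] : null;

        // 12 is presumably the bcrypt cost factor - confirm against libs/bcrypt.php.
        // verify() is still called for unknown users, as before, so that path is
        // not short-circuited here.
        $bcrypt = new bcrypt(12);
        $password_correct = $bcrypt->verify($password_entered, $hashed_password_from_table);

        if ($user_entered == $user_from_table && $password_correct) {
            $login_history_stmt = $GLOBALS['dbh']->prepare("INSERT INTO `opsec_user_login_history` (`user`) VALUES (:user)");
            $login_history_stmt->execute(array(':user' => $user_entered));

            // Issue a fresh session id at the moment of authentication so that an
            // id known before login (session fixation) is not carried over.
            session_regenerate_id(true);
            $_SESSION['user'] = $user_from_table;
            header('Location: main.php');
        } else {
            // Same redirect for unknown user and wrong password.
            header('Location: index.php');
        }
    }
}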
?>

Ejemplo n.º 7
Archivo: Crypt.php Proyecto: spinit/osy
        $ret = $this->enc_sym($key,$str);
        return base64_encode($cry).':'.base64_encode($ret);
    }
    /**
     * Decode a "base64:base64" pair produced with the private key.
     *
     * The first part is passed through openssl_public_decrypt() with $this->pub
     * to obtain a key; the second part is handed to dec_sym() together with that
     * key, and the trimmed result is returned.
     *
     * NOTE(review): the return values of the OpenSSL calls are not checked, so a
     * failed key load or decrypt reaches dec_sym() with an unset key.
     * NOTE(review): anyone holding the public key can perform this step, so the
     * construction does not keep the payload secret from public-key holders;
     * presumably it is meant to show origin rather than confidentiality - confirm.
     *
     * @param string $dat Two base64 strings joined by ':'.
     * @return string Trimmed output of dec_sym().
     */
    function dec_pub($dat)
    {
        $parts = array_map('base64_decode', explode(':', $dat));
        list($wrappedKey, $payload) = $parts;

        $publicKey = openssl_get_publickey($this->pub);
        openssl_public_decrypt($wrappedKey, $symKey, $publicKey);

        return trim($this->dec_sym($symKey, $payload));
    }
}
// Demo run: reads this file's own source, prints its length and content, then
// round-trips it through enc_pri() / dec_pub() and prints both results.
header('Content-Type: text/plain');
$source = file_get_contents(__FILE__);

echo strlen($source), "\n";
echo 'Source: ', $source, "\n";

$cry = new bcrypt();
// NOTE(review): the second argument is presumably the private-key passphrase;
// it is a literal in the script (and is echoed back with the source above), so
// this is only suitable for a throwaway demo key.
$cry->setPrivateFile('pkey/pri_key', 'aaaa');
$cry->setPublicFile('pkey/pub_key');

$str = $cry->enc_pri($source);
echo $str, "\n";
echo $cry->dec_pub($str);

return;
Ejemplo n.º 8
<?php

// Copyright (c) 2011 Antoni Sobkowicz for PHP version
//
// Permission to use, copy, modify, and distribute this software for any
// purpose with or without fee is hereby granted, provided that the above
// copyright notice and this permission notice appear in all copies.
//
// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
// Demo: hash a fixed password with a fixed salt string and print the result.
// The execution limit is raised to 300 seconds before the class is loaded.
ini_set('max_execution_time', 300);
include 'bcrypt.php';

$bcryptclass = new bcrypt();

// NOTE(review): password and salt are literals, and the salt string follows the
// $2a$<cost>$ layout with cost 06. That is fine for a reproducible demo value;
// stored passwords need a random per-password salt and a higher cost, which
// PHP's password_hash() provides.
$hashed = $bcryptclass->hashpw('pemppassword', '$2a$06$thisissomerandomsaltxz');
echo $hashed;