Example #1
0
<?php

function hash_pwd($pwd)
{
    $salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_RAND)), '+', '.');
    $salt = sprintf("\$2a\$%02d\$", 10) . $salt;
    $hash = crypt($pwd, $salt);
    return $hash;
}
echo hash_pwd("*****@*****.**");
phpinfo();
Example #2
0
     // Get hash key
     $result = pg_execute($conn, "get_key2", array($uid)) or die("Can't execute get_key2: " . pg_last_error());
     $row = pg_fetch_row($result);
     $hkey = $row[0];
     pg_freeresult($result);
     /*
     if ($hkey == '')
     {
     	header('HTTP 406 Not Acceptable', true, 406);
     	echo "There was a problem updating user's password.\n";
     	exit();
     	//return ;
     }
     */
     // Hash password with user's hash key
     $password = hash_pwd($password, $hkey);
     // update password
     $result = pg_execute($conn, "update_password", array($password, $uid)) or die("Can't execute update_password: "******"email") {
         // Get email
         $email = $_POST['value'];
         // Remove all illegal characters from email
         $email = filter_var($email, FILTER_SANITIZE_EMAIL);
         // Validate e-mail
         if (!filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
             // get key using the email
Example #3
0
function DB_changePwd($oldpwd, $pwd)
{
    if (!is_numeric($_SESSION['id'])) {
        return FALSE;
    }
    $q = "SELECT id FROM `USERINFO` WHERE id=" . $_SESSION['id'] . " AND pwd='" . hash_pwd($oldpwd) . "';";
    $rslt = mysqli_query($GLOBALS['con'], $q);
    if ($rslt == FALSE) {
        return FALSE;
    }
    if (!mysqli_fetch_array($rslt)) {
        return FALSE;
    }
    $q = "UPDATE `USERINFO` SET pwd='" . hash_pwd($pwd) . "' WHERE id=" . $_SESSION['id'];
    if (($result = mysqli_query($GLOBALS['con'], $q)) == FALSE) {
        return FALSE;
    }
    return TRUE;
}