function user_authenticate($Username, $Password)
{
global $pdo;
$stmt = $pdo->prepare('
SELECT count(*)
FROM `users`
WHERE `username` = :username AND
`password` = :password
');
$stmt->bindValue(':username', $Username);
$stmt->bindValue(':password', user_hash($Password, $Username));
$stmt->execute();
if ($stmt->fetchColumn() > 0) {
// Some website told me it's a good idea to regenerate session ID's when a user logs in
// session_obliterate();
// session_start();
$user = new User($Username, user_key($Password, $Username));
$_SESSION['user'] =& $user;
return true;
} else {
return false;
}
}
#!/usr/bin/php
<?php
if (count($argv) != 3) {
echo "Example Usage - ./generateUser username password\n";
echo "Or, if you want spaces in your password - ./generateUser username 'password with spaces'";
}
require 'html/include/functions/Sanitize.php';
require 'html/include/functions/User.php';
echo "Username: "******"\n";
echo "Hashed Password: "******"\n";
echo "Generating OpenSSL Keys...\n";
// Create the keypair
$res = openssl_pkey_new(array('encrypt_key' => user_key($argv[2], $argv[1])));
// Get private key
openssl_pkey_export($res, $PrivateKey);
// Get public key
$pubkey = openssl_pkey_get_details($res);
$PublicKey = $pubkey["key"];
file_put_contents('./keys/' . $argv[1] . '.pem', $PrivateKey);
file_put_contents('./keys/' . $argv[1] . '.pub', $PublicKey);
echo "Certificates generated\n";
echo "Remeber to manually add this user to your database\n";
