function user_authenticate($Username, $Password) { global $pdo; $stmt = $pdo->prepare(' SELECT count(*) FROM `users` WHERE `username` = :username AND `password` = :password '); $stmt->bindValue(':username', $Username); $stmt->bindValue(':password', user_hash($Password, $Username)); $stmt->execute(); if ($stmt->fetchColumn() > 0) { // Some website told me it's a good idea to regenerate session ID's when a user logs in // session_obliterate(); // session_start(); $user = new User($Username, user_key($Password, $Username)); $_SESSION['user'] =& $user; return true; } else { return false; } }
#!/usr/bin/php <?php if (count($argv) != 3) { echo "Example Usage - ./generateUser username password\n"; echo "Or, if you want spaces in your password - ./generateUser username 'password with spaces'"; } require 'html/include/functions/Sanitize.php'; require 'html/include/functions/User.php'; echo "Username: "******"\n"; echo "Hashed Password: "******"\n"; echo "Generating OpenSSL Keys...\n"; // Create the keypair $res = openssl_pkey_new(array('encrypt_key' => user_key($argv[2], $argv[1]))); // Get private key openssl_pkey_export($res, $PrivateKey); // Get public key $pubkey = openssl_pkey_get_details($res); $PublicKey = $pubkey["key"]; file_put_contents('./keys/' . $argv[1] . '.pem', $PrivateKey); file_put_contents('./keys/' . $argv[1] . '.pub', $PublicKey); echo "Certificates generated\n"; echo "Remeber to manually add this user to your database\n";