/** * Checking user login * @param String $email User login email id * @param String $password User login password * @return boolean User login status success/fail */ public function checkLogin($email, $password) { // fetching user by email $stmt = $this->conn->prepare("SELECT password_hash FROM users WHERE email = ?"); $stmt->bind_param("s", $email); $stmt->execute(); $stmt->bind_result($password_hash); $stmt->store_result(); if ($stmt->num_rows > 0) { // Found user with the email // Now verify the password $stmt->fetch(); $stmt->close(); if (PassHash::check_password($password_hash, $password)) { // User password is correct return TRUE; } else { // user password is incorrect return FALSE; } } else { $stmt->close(); // user not existed with the email return FALSE; } }
/** * Checking user login * @param String $email User login email id * @param String $password User login password * @return boolean User login status success/fail */ public function checkLogin($email, $password) { // fetching user by email $stmt = $this->conn->prepare("SELECT `password_hash` FROM `users` WHERE `email` = :email"); $stmt->execute(array('email' => $email)); if ($stmt->rowCount() > 0) { $password_hash = $stmt->fetchColumn(); if (PassHash::check_password($password_hash, $password)) { // User password is correct return TRUE; } } return FALSE; }
/** * Checking user login * @param String $email User login email id * @param String $password User login password * @return boolean User login status success/fail */ public static function checkLogin($email, $password) { // fetching user by email $user = User::where('email', $email)->get(); if ($user->count() > 0) { $password_hash = $user[0]->password; if (PassHash::check_password($password_hash, $password)) { //Generate new API everytime log in so old API become invalid $user[0]->apiKey = Utils::generateApiKey(); $user[0]->save(); return $user[0]; } else { return NULL; } } else { return NULL; } }
public function checkLogin($email, $password) { $stmt = $this->conn->prepare("SELECT password_hash FROM users WHERE email = ?"); $stmt->bind_param("s", $email); $stmt->execute(); $stmt->bind_result($password_hash); $stmt->store_result(); if ($stmt->num_rows > 0) { $stmt->fetch(); $stmt->close(); if (PassHash::check_password($password_hash, $password)) { return TRUE; } else { return FALSE; } } else { $stmt->close(); return FALSE; } }
/** * Checking user login * @param String $email User login email id * @param String $password User login password * @return boolean User login status success/fail */ public function checkLogin($email, $password) { // fetching user by email $stmt = $this->db->prepare("SELECT password_hash FROM users WHERE email = :email"); $stmt->execute(array(":email" => $email)); if ($stmt->rowCount() > 0) { // Found user with the email // Now verify the password $res = $stmt->fetch(); if (PassHash::check_password($res->password_hash, $password)) { // User password is correct return TRUE; } else { // user password is incorrect return FALSE; } } else { // user not existed with the email return FALSE; } }
public function checkLogin($username, $password) { require_once dirname(__FILE__) . '/' . '../utils/PassHash.php'; $stmt = $this->conn->prepare("SELECT password FROM USERS WHERE username = ?"); $stmt->bind_param("s", $username); $stmt->execute(); $stmt->bind_result($password_hash); $stmt->store_result(); if ($stmt->num_rows > 0) { // Found user with the email // Now verify the password $stmt->fetch(); $stmt->close(); if (PassHash::check_password($password_hash, $password)) { return TRUE; } else { return FALSE; } } else { $stmt->close(); return FALSE; } }
/** * Checking user login * @param String $email User login email id * @param String $password User login password * @return boolean User login status success/fail */ public function checkLogin($email, $password) { // fetching user by email $stmt = $this->conn->prepare("SELECT PasswordHash, UserID FROM User WHERE Email = ?"); $stmt->bind_param("s", $email); if ($stmt->execute()) { $result = $stmt->get_result()->fetch_assoc(); $stmt->close(); } if ($result) { // Found user with the email // Now verify the password if (PassHash::check_password($result["PasswordHash"], $password)) { // User password is correct return $result["UserID"]; } else { // user password is incorrect return null; } } else { // user not existed with the email return null; } }
<?php require_once '/include/PassHash.php'; define('DB_HOST', 'localhost'); define('DB_NAME', 'task_manager'); define('DB_USER', 'vyk'); define('DB_PASSWORD', 'navneeta'); $con = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error()); $db = mysql_select_db(DB_NAME, $con) or die("Failed to connect to MySQL: " . mysql_error()); $u = $_POST['user']; $p = $_POST['pass']; $pi = $_POST['pin']; $sql = "SELECT password_hash FROM users where email = '{$u}' and pin = '{$pi}'"; $result = mysql_query($sql); $count = mysql_num_rows($result); $row = mysql_fetch_array($result); // check for correct email and password if (PassHash::check_password($row[0], $p)) { echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE..."; } else { echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY..."; }
/** * Comprobar Login de Usuario * @param String $correo correo del usuario * @param String $password contraseña de usuario * @return boolean login fallido/correcto */ public function checkLogin($correo, $password) { // Obtenemos usuario por correo $stmt = $this->conn->prepare("SELECT Password FROM Usuario WHERE Correo = ?"); $stmt->bind_param("s", $correo); $stmt->execute(); $stmt->bind_result($password_hash); $stmt->store_result(); if ($stmt->num_rows > 0) { // Si encontro usuario // Comprobamos ahora la contraseña $stmt->fetch(); $stmt->close(); if (PassHash::check_password($password_hash, $password)) { // Es Correcta return TRUE; } else { // Es Incorrecta return FALSE; } } else { $stmt->close(); // Usuario no registrado con ese email return FALSE; } }
<?php include 'inc/class.PassHash.inc.php'; include 'inc/class.db_connect.inc.php'; $checkedFormsFields = checkFormField::cleanFormField($_POST); DB_Connect::test(); if (isset($checkedFormsFields['save'])) { $today = date("Ymd"); $query = 'insert into users (username, pass, name, firstName, lastName, regDate) values ("' . $checkedFormsFields['username'] . '", "' . PassHash::hash($checkedFormsFields['password']) . '", "' . $checkedFormsFields['name'] . '", "' . $checkedFormsFields['firstName'] . '", "' . $checkedFormsFields['lastName'] . '", "' . $today . '")'; $result = DB_Connect::query($query); if ($result == 1) { header('Location: index.php'); } } else { $query = 'select * from users where username = "******"'; $result = DB_Connect::query($query); $fila = mysql_fetch_assoc($result); if ($checkedFormsFields['validateUsername']) { echo json_encode($fila); } else { if (PassHash::check_password($fila["pass"], $checkedFormsFields['password'])) { header('Location: success.php'); } } }
/** * Descrição * @param type $login * @param type $senha * @return type */ public function checkLogin($login, $senhaPlana) { $autorizado = FALSE; $sql = "SELECT usuario.nm_login, usuario.nm_senha" . " FROM tb_usuario AS usuario" . " WHERE" . " usuario.nm_login = ?" . " AND usuario.fl_ativo = " . USUARIO_ATIVO; $stmt = $this->conn->prepare($sql); // Parâmetros: tipos das entradas, entradas. $stmt->bind_param("s", $login); $resultStmt = $stmt->execute(); $stmt->store_result(); if ($resultStmt && $stmt->num_rows > 0) { $stmt->bind_result($login, $senhaHash); $stmt->fetch(); if (PassHash::check_password($senhaHash, $senhaPlana)) { $autorizado = TRUE; } } $stmt->close(); return $autorizado; }
public function login($username, $password) { $query = $this->db->prepare("SELECT password, id, role FROM users WHERE username = ?"); $query->bindValue(1, $username); try { $query->execute(); $data = $query->fetch(); $stored_password = $data['password']; $id = $data['id']; $role = $data['role']; if (PassHash::check_password($stored_password, $password)) { $dataArray = array('id' => $id, 'role' => $role); return $dataArray; } else { return false; } } catch (PDOexception $e) { die($e->getMessage()); } }
$userName = $_POST['user']; $pass = $_POST['password']; // To protect MySQL injection (more detail about MySQL injection) $userName = stripslashes($userName); $pass = stripslashes($pass); $userName = $mysqli->real_escape_string($userName); $pass = $mysqli->real_escape_string($pass); $sql = "SELECT * FROM USER WHERE userName='******'"; $result = array(); if ($resultDb = $mysqli->query($sql)) { // determine number of rows result set $count = $resultDb->num_rows; // If result matched $userName and $pass, table row must be 1 row if ($count == 1) { $record = $resultDb->fetch_assoc(); if (PassHash::check_password($record['password'], $pass)) { $_SESSION['authenticated'] = "yes"; $_SESSION['username'] = $userName; $result['success'] = true; $result['msg'] = 'User authenticated!'; } else { $result['success'] = false; $result['msg'] = 'Incorrect password.'; } } else { $result['success'] = false; $result['msg'] = 'Incorrect user or password.'; } /* close result set */ $resultDb->close(); }
/** * checkLogin prüft Benutzername und Passwort zum Login * @param String $email Benutzername * @param String $password Benutzerpasswort * @return 1: Daten stimmen überein * @return 0: Daten sind falsch oder nicht vorhanden */ public function checkLogin($username, $password) { // Prüfen ob den Benutzername in der DB existiert $stmt = $this->conn->prepare("SELECT password FROM user WHERE username = ?"); $stmt->bind_param("s", $username); $stmt->execute(); // Benutzerpassworthash in die VAR passwort_hash schreiben $stmt->bind_result($password_hash); $stmt->store_result(); // Wenn ein Benutzer gefunden wurde if ($stmt->num_rows > 0) { // Prüfe nun das Passwort $stmt->fetch(); $stmt->close(); // Passwort Eingabe mit Passworthash aus der DB vergleichen if (PassHash::check_password($password_hash, $password)) { // Passwort ist korrekt return TRUE; } else { // Passwort falsch return FALSE; } } else { $stmt->close(); // Benutzer existiert nicht in der DB return FALSE; } }
public function CheckUserPass($name, $password) { $res = $this->GetUserByName($name); $hashing = new PassHash(); return $hashing->check_password($res[0][3], $password); }
public function checkLogin($email_username, $password) { //get password hash script require_once 'PassHash.php'; //1. check if email and active are ok $stmt = $this->conn->prepare("SELECT COUNT(*) FROM user WHERE email=:email_username OR user_name=:email_username AND active IS null"); $stmt->bindValue(':email_username', $email_username, PDO::PARAM_STR); $stmt->execute(); $num_rows = $stmt->fetchColumn(); if ($num_rows > 0) { //email is good and activation code is empty //build actual query $stmt = $this->conn->prepare("SELECT password FROM user WHERE email=:email_username OR user_name=:email_username"); $stmt->bindValue(':email_username', $email_username, PDO::PARAM_STR); $stmt->execute(); $row = $stmt->fetch(PDO::FETCH_OBJ); //FETCH_OBJ: $row->pass //FETCH_ASSOC: $row->['pass'] if (PassHash::check_password($row->password, $password)) { //match return true; } else { return false; } } else { //no matching email return false; } }
<?php require "hash.php"; $u = $_POST["username"]; $p = $_POST["password"]; $conn = new PDO("mysql:host=localhost;dbname=rpatterson;", "rpatterson", "ohpeingu"); $results = $conn->prepare("SELECT * FROM fyp_user WHERE user_name = ?"); $results->bindParam(1, $u); $results->execute(); $pass = $results->fetch(); if (PassHash::check_password($pass['password'], $_POST['password'])) { session_destroy(); session_start(); $_SESSION["user"] = $u; $_SESSION["id"] = $pass['id']; if ($pass["isadmin"] == 1) { $_SESSION["admin"] = '1'; header("Location: timetable.php"); } else { header("Location: timetable.php"); } } else { echo "Wrong username or password"; echo "<script type='text/javascript'>"; echo "{alert('incorrect login');}"; echo "window.location = 'index.html'"; echo "</script>"; }