/**
* Checking user login
* @param String $email User login email id
* @param String $password User login password
* @return boolean User login status success/fail
*/
public function checkLogin($email, $password)
{
// fetching user by email
$stmt = $this->conn->prepare("SELECT password_hash FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->bind_result($password_hash);
$stmt->store_result();
if ($stmt->num_rows > 0) {
// Found user with the email
// Now verify the password
$stmt->fetch();
$stmt->close();
if (PassHash::check_password($password_hash, $password)) {
// User password is correct
return TRUE;
} else {
// user password is incorrect
return FALSE;
}
} else {
$stmt->close();
// user not existed with the email
return FALSE;
}
}
/**
* Checking user login
* @param String $email User login email id
* @param String $password User login password
* @return boolean User login status success/fail
*/
public function checkLogin($email, $password)
{
// fetching user by email
$stmt = $this->conn->prepare("SELECT `password_hash` FROM `users` WHERE `email` = :email");
$stmt->execute(array('email' => $email));
if ($stmt->rowCount() > 0) {
$password_hash = $stmt->fetchColumn();
if (PassHash::check_password($password_hash, $password)) {
// User password is correct
return TRUE;
}
}
return FALSE;
}
/**
* Checking user login
* @param String $email User login email id
* @param String $password User login password
* @return boolean User login status success/fail
*/
public static function checkLogin($email, $password)
{
// fetching user by email
$user = User::where('email', $email)->get();
if ($user->count() > 0) {
$password_hash = $user[0]->password;
if (PassHash::check_password($password_hash, $password)) {
//Generate new API everytime log in so old API become invalid
$user[0]->apiKey = Utils::generateApiKey();
$user[0]->save();
return $user[0];
} else {
return NULL;
}
} else {
return NULL;
}
}
public function checkLogin($email, $password)
{
$stmt = $this->conn->prepare("SELECT password_hash FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->bind_result($password_hash);
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->fetch();
$stmt->close();
if (PassHash::check_password($password_hash, $password)) {
return TRUE;
} else {
return FALSE;
}
} else {
$stmt->close();
return FALSE;
}
}
/**
* Checking user login
* @param String $email User login email id
* @param String $password User login password
* @return boolean User login status success/fail
*/
public function checkLogin($email, $password)
{
// fetching user by email
$stmt = $this->db->prepare("SELECT password_hash FROM users WHERE email = :email");
$stmt->execute(array(":email" => $email));
if ($stmt->rowCount() > 0) {
// Found user with the email
// Now verify the password
$res = $stmt->fetch();
if (PassHash::check_password($res->password_hash, $password)) {
// User password is correct
return TRUE;
} else {
// user password is incorrect
return FALSE;
}
} else {
// user not existed with the email
return FALSE;
}
}
public function checkLogin($username, $password)
{
require_once dirname(__FILE__) . '/' . '../utils/PassHash.php';
$stmt = $this->conn->prepare("SELECT password FROM USERS WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
$stmt->bind_result($password_hash);
$stmt->store_result();
if ($stmt->num_rows > 0) {
// Found user with the email
// Now verify the password
$stmt->fetch();
$stmt->close();
if (PassHash::check_password($password_hash, $password)) {
return TRUE;
} else {
return FALSE;
}
} else {
$stmt->close();
return FALSE;
}
}
/**
* Checking user login
* @param String $email User login email id
* @param String $password User login password
* @return boolean User login status success/fail
*/
public function checkLogin($email, $password)
{
// fetching user by email
$stmt = $this->conn->prepare("SELECT PasswordHash, UserID FROM User WHERE Email = ?");
$stmt->bind_param("s", $email);
if ($stmt->execute()) {
$result = $stmt->get_result()->fetch_assoc();
$stmt->close();
}
if ($result) {
// Found user with the email
// Now verify the password
if (PassHash::check_password($result["PasswordHash"], $password)) {
// User password is correct
return $result["UserID"];
} else {
// user password is incorrect
return null;
}
} else {
// user not existed with the email
return null;
}
}
<?php
require_once '/include/PassHash.php';
define('DB_HOST', 'localhost');
define('DB_NAME', 'task_manager');
define('DB_USER', 'vyk');
define('DB_PASSWORD', 'navneeta');
$con = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db = mysql_select_db(DB_NAME, $con) or die("Failed to connect to MySQL: " . mysql_error());
$u = $_POST['user'];
$p = $_POST['pass'];
$pi = $_POST['pin'];
$sql = "SELECT password_hash FROM users where email = '{$u}' and pin = '{$pi}'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
$row = mysql_fetch_array($result);
// check for correct email and password
if (PassHash::check_password($row[0], $p)) {
echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";
} else {
echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
}
/**
* Comprobar Login de Usuario
* @param String $correo correo del usuario
* @param String $password contraseña de usuario
* @return boolean login fallido/correcto
*/
public function checkLogin($correo, $password)
{
// Obtenemos usuario por correo
$stmt = $this->conn->prepare("SELECT Password FROM Usuario WHERE Correo = ?");
$stmt->bind_param("s", $correo);
$stmt->execute();
$stmt->bind_result($password_hash);
$stmt->store_result();
if ($stmt->num_rows > 0) {
// Si encontro usuario
// Comprobamos ahora la contraseña
$stmt->fetch();
$stmt->close();
if (PassHash::check_password($password_hash, $password)) {
// Es Correcta
return TRUE;
} else {
// Es Incorrecta
return FALSE;
}
} else {
$stmt->close();
// Usuario no registrado con ese email
return FALSE;
}
}
<?php
include 'inc/class.PassHash.inc.php';
include 'inc/class.db_connect.inc.php';
$checkedFormsFields = checkFormField::cleanFormField($_POST);
DB_Connect::test();
if (isset($checkedFormsFields['save'])) {
$today = date("Ymd");
$query = 'insert into users (username, pass, name, firstName, lastName, regDate) values ("' . $checkedFormsFields['username'] . '", "' . PassHash::hash($checkedFormsFields['password']) . '", "' . $checkedFormsFields['name'] . '", "' . $checkedFormsFields['firstName'] . '", "' . $checkedFormsFields['lastName'] . '", "' . $today . '")';
$result = DB_Connect::query($query);
if ($result == 1) {
header('Location: index.php');
}
} else {
$query = 'select * from users where username = "******"';
$result = DB_Connect::query($query);
$fila = mysql_fetch_assoc($result);
if ($checkedFormsFields['validateUsername']) {
echo json_encode($fila);
} else {
if (PassHash::check_password($fila["pass"], $checkedFormsFields['password'])) {
header('Location: success.php');
}
}
}
/**
* Descrição
* @param type $login
* @param type $senha
* @return type
*/
public function checkLogin($login, $senhaPlana)
{
$autorizado = FALSE;
$sql = "SELECT usuario.nm_login, usuario.nm_senha" . " FROM tb_usuario AS usuario" . " WHERE" . " usuario.nm_login = ?" . " AND usuario.fl_ativo = " . USUARIO_ATIVO;
$stmt = $this->conn->prepare($sql);
// Parâmetros: tipos das entradas, entradas.
$stmt->bind_param("s", $login);
$resultStmt = $stmt->execute();
$stmt->store_result();
if ($resultStmt && $stmt->num_rows > 0) {
$stmt->bind_result($login, $senhaHash);
$stmt->fetch();
if (PassHash::check_password($senhaHash, $senhaPlana)) {
$autorizado = TRUE;
}
}
$stmt->close();
return $autorizado;
}
public function login($username, $password)
{
$query = $this->db->prepare("SELECT password, id, role FROM users WHERE username = ?");
$query->bindValue(1, $username);
try {
$query->execute();
$data = $query->fetch();
$stored_password = $data['password'];
$id = $data['id'];
$role = $data['role'];
if (PassHash::check_password($stored_password, $password)) {
$dataArray = array('id' => $id, 'role' => $role);
return $dataArray;
} else {
return false;
}
} catch (PDOexception $e) {
die($e->getMessage());
}
}
$userName = $_POST['user'];
$pass = $_POST['password'];
// To protect MySQL injection (more detail about MySQL injection)
$userName = stripslashes($userName);
$pass = stripslashes($pass);
$userName = $mysqli->real_escape_string($userName);
$pass = $mysqli->real_escape_string($pass);
$sql = "SELECT * FROM USER WHERE userName='******'";
$result = array();
if ($resultDb = $mysqli->query($sql)) {
// determine number of rows result set
$count = $resultDb->num_rows;
// If result matched $userName and $pass, table row must be 1 row
if ($count == 1) {
$record = $resultDb->fetch_assoc();
if (PassHash::check_password($record['password'], $pass)) {
$_SESSION['authenticated'] = "yes";
$_SESSION['username'] = $userName;
$result['success'] = true;
$result['msg'] = 'User authenticated!';
} else {
$result['success'] = false;
$result['msg'] = 'Incorrect password.';
}
} else {
$result['success'] = false;
$result['msg'] = 'Incorrect user or password.';
}
/* close result set */
$resultDb->close();
}
/**
* checkLogin prüft Benutzername und Passwort zum Login
* @param String $email Benutzername
* @param String $password Benutzerpasswort
* @return 1: Daten stimmen überein
* @return 0: Daten sind falsch oder nicht vorhanden
*/
public function checkLogin($username, $password)
{
// Prüfen ob den Benutzername in der DB existiert
$stmt = $this->conn->prepare("SELECT password FROM user WHERE username = ?");
$stmt->bind_param("s", $username);
$stmt->execute();
// Benutzerpassworthash in die VAR passwort_hash schreiben
$stmt->bind_result($password_hash);
$stmt->store_result();
// Wenn ein Benutzer gefunden wurde
if ($stmt->num_rows > 0) {
// Prüfe nun das Passwort
$stmt->fetch();
$stmt->close();
// Passwort Eingabe mit Passworthash aus der DB vergleichen
if (PassHash::check_password($password_hash, $password)) {
// Passwort ist korrekt
return TRUE;
} else {
// Passwort falsch
return FALSE;
}
} else {
$stmt->close();
// Benutzer existiert nicht in der DB
return FALSE;
}
}
public function CheckUserPass($name, $password)
{
$res = $this->GetUserByName($name);
$hashing = new PassHash();
return $hashing->check_password($res[0][3], $password);
}
public function checkLogin($email_username, $password)
{
//get password hash script
require_once 'PassHash.php';
//1. check if email and active are ok
$stmt = $this->conn->prepare("SELECT COUNT(*) FROM user WHERE email=:email_username OR user_name=:email_username AND active IS null");
$stmt->bindValue(':email_username', $email_username, PDO::PARAM_STR);
$stmt->execute();
$num_rows = $stmt->fetchColumn();
if ($num_rows > 0) {
//email is good and activation code is empty
//build actual query
$stmt = $this->conn->prepare("SELECT password FROM user WHERE email=:email_username OR user_name=:email_username");
$stmt->bindValue(':email_username', $email_username, PDO::PARAM_STR);
$stmt->execute();
$row = $stmt->fetch(PDO::FETCH_OBJ);
//FETCH_OBJ: $row->pass
//FETCH_ASSOC: $row->['pass']
if (PassHash::check_password($row->password, $password)) {
//match
return true;
} else {
return false;
}
} else {
//no matching email
return false;
}
}
<?php
require "hash.php";
$u = $_POST["username"];
$p = $_POST["password"];
$conn = new PDO("mysql:host=localhost;dbname=rpatterson;", "rpatterson", "ohpeingu");
$results = $conn->prepare("SELECT * FROM fyp_user WHERE user_name = ?");
$results->bindParam(1, $u);
$results->execute();
$pass = $results->fetch();
if (PassHash::check_password($pass['password'], $_POST['password'])) {
session_destroy();
session_start();
$_SESSION["user"] = $u;
$_SESSION["id"] = $pass['id'];
if ($pass["isadmin"] == 1) {
$_SESSION["admin"] = '1';
header("Location: timetable.php");
} else {
header("Location: timetable.php");
}
} else {
echo "Wrong username or password";
echo "<script type='text/javascript'>";
echo "{alert('incorrect login');}";
echo "window.location = 'index.html'";
echo "</script>";
}
