/**
 * Inserts a users row (email, hash, salt, nbrAttempts = '0'), then marks the session
 * as logged in and redirects to the search view.
 *
 * NOTE(review): this listing defines addUser twice. This variant builds its SQL by
 * string concatenation and looks like the pre-fix version kept for comparison with the
 * prepared-statement variant that follows — confirm before reusing either one.
 *
 * @param $mysqli database connection; the only call made on it here is multi_query()
 * @param $email  caller-supplied address, concatenated into the SQL text as-is
 * @param $pwd    plaintext password, hashed via Crypto::generateHash() with a fresh salt
 */
function addUser($mysqli, $email, $pwd) {
    $crypto = new Crypto();
    $salt = $crypto->generateSalt(10);
    $hash = $crypto->generateHash($pwd, $salt);
    // SQL injection: $email (and $hash/$salt) are spliced into the statement text with no
    // escaping or binding, so quote characters in the input change the statement's structure.
    // The values belong in bound parameters of a prepared statement instead.
    $sql = "INSERT INTO users(email, hash, salt, nbrAttempts) \n\t\t\tVALUES('" . $email . "', '" . $hash . "', '" . $salt . "', '0')";
    // multi_query() executes several ';'-separated statements in one call, which widens the
    // impact of any injection above. Its return value is ignored, so a failed insert goes unnoticed.
    $mysqli->multi_query($sql);
    // The session is marked as logged in whether or not the INSERT succeeded.
    $_SESSION['isLoggedIn'] = 1;
    $_SESSION['username'] = $email;
    redirect("https://127.0.0.1/searchView.php");
}
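/**
 * Registers a new user with a parameterized INSERT and, only when the row was written,
 * marks the session as logged in and redirects to the search view.
 *
 * All three user-derived values are bound as string parameters, so they are never
 * interpreted as SQL text.
 *
 * @param $mysqli database connection; prepare() is called on it
 * @param $email  address to store; also becomes $_SESSION['username'] on success
 * @param $pwd    plaintext password, hashed via Crypto::generateHash() with a fresh salt
 *
 * @return bool true when the row was inserted, false when prepare/bind/execute failed
 *              (earlier versions returned nothing on every path)
 */
function addUser($mysqli, $email, $pwd)
{
    $sql = "INSERT INTO users(email, hash, salt, nbrAttempts) VALUES(?, ?, ?, '0')";

    // prepare() returns false on failure when mysqli is not in exception mode; calling
    // bind_param() on that false value would be a fatal error.
    $stmt = $mysqli->prepare($sql);
    if ($stmt === false) {
        return false;
    }

    $crypto = new Crypto();
    $salt = $crypto->generateSalt(10);
    $hash = $crypto->generateHash($pwd, $salt);

    try {
        $inserted = $stmt->bind_param('sss', $email, $hash, $salt) && $stmt->execute();
    } finally {
        // An INSERT has no result set to free; close the statement on every path,
        // and before redirect() in case that helper ends the request.
        $stmt->close();
    }

    if (!$inserted) {
        return false;
    }

    // No debug output before this point: anything echoed ahead of a header-based
    // redirect would prevent the redirect from being sent.
    // NOTE(review): consider session_regenerate_id(true) here to guard against session
    // fixation — confirm the session is already started by the caller.
    $_SESSION['isLoggedIn'] = 1;
    $_SESSION['username'] = $email;
    redirect("https://127.0.0.1/searchView.php");

    return true;
}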
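/**
 * Checks a login attempt against the stored salt and hash for a user.
 *
 * The candidate hash is recomputed from the supplied password and the stored salt and
 * compared with the stored hash. On a match for a non-blocked user the username is put
 * into the session; otherwise the attempt is recorded through attemptLogin().
 *
 * Nothing is written to the response: the salt, the computed hash and the stored hash
 * are credential material and must not be echoed to the client.
 *
 * @param $salt_db  salt stored for the user
 * @param $hash_db  hash stored for the user
 * @param $password plaintext password supplied with the login attempt
 * @param $username account name being authenticated
 *
 * @return bool true when the password matches and the user is not blocked
 */
function existingUsername($salt_db, $hash_db, $password, $username)
{
    $crypto = new Crypto();
    $hash = $crypto->generateHash($password, $salt_db);

    // hash_equals() compares in constant time and byte-for-byte. A loose == would treat
    // numeric-looking strings (e.g. "0e…" digests) as numbers and could report a false match.
    // The is_string() guards keep a missing stored hash from raising a TypeError.
    $matches = is_string($hash_db) && is_string($hash) && hash_equals($hash_db, $hash);

    // isUserBlocked() is consulted only after a hash match.
    if ($matches && !isUserBlocked($username)) {
        // NOTE(review): consider session_regenerate_id(true) here to guard against session
        // fixation — confirm the session is already started by the caller.
        $_SESSION['username'] = $username;
        return true;
    }

    // A wrong password and a correct password on a blocked account are both recorded.
    // NOTE(review): Crypto::generateHash() is not visible here; if it is a fast digest,
    // password_hash()/password_verify() would be the preferable storage scheme.
    attemptLogin($username);
    return false;
}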