if (isset($_POST["submit"])) { require_once 'connectioncli.php'; $uname = $_POST["dbuname"]; $pass = $_POST["dbpass"]; $goto = $_GET["goto"]; $link = mysql_connect(DBHOST, $uname, $pass); if (!$link) { echo "<script type='text/javascript'>alert('Wrong Credentials!!');window.location='auth.php?goto={$goto}'</script>"; } else { if (!mysql_select_db(DBNAME)) { echo "<script type='text/javascript'>alert('Cant Connect to Database!!');window.location='auth.php?goto={$goto}'</script>"; } } require_once 'classes.php'; $pbkdf2 = new PBKDF2(); $key = $pbkdf2->deriveKey($goto); $crypto = new Crypto($key); $c = $crypto->aesEncrypt($goto); setcookie("auth", $c); $red = $_GET["goto"] . ".php"; echo "<script type='text/javascript'>window.location='{$red}';</script>"; } function table_exists($tablename) { $x = mysql_query("show tables like '{$tablename}'"); if (mysql_num_rows($x) > 0) { return TRUE; } else { return FALSE; } }
public function phase1($username, $passphrase) { $challenge = uniqid(); $x = $username . $passphrase; $pbkdf2 = new PBKDF2(); $key = $pbkdf2->deriveKey($x); $keymas = $pbkdf2->deriveKey($key . ":" . $challenge); $crypto = new Crypto($keymas); require_once "settings.php"; $url = getSHOST() . "?mode=handshake&values=" . $username . ":" . $challenge; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_REFERER, "www.google.com"); $body = curl_exec($ch); $json = json_decode($body); $emsg = utf8_decode($json->message); $token = $crypto->aesDecrypt(utf8_decode($json->token)); $plain = $crypto->aesDecrypt($emsg); $pl = $plain; if ($pl == "Standard Message#1") { setcookie("username", $username); setcookie("passphrase", $passphrase); setcookie("key", $key); setcookie("keymas", $keymas); setcookie("token", $token); echo "<script type='text/javascript'>window.location = \"phase2.php\";</script>"; } else { //redirect("?err=true"); } }