protected function getSalt() { if (isset($_POST['password'])) { return getSalt(); } else { return false; } }
function getPasswordHash($id, $password, $fixedsalt) { $salt = getSalt($id, $fixedsalt); $hash = ''; //ストレッチング for ($i = 0; $i < 1000; $i++) { $hash = hash('sha256', $hash . $password . $salt); } return $hash; }
function set_address($id, $address) { #Sets address of user with id $id = mysql_real_escape_string($id); $address = mysql_real_escape_string($address); global $aes_password; $salt = getSalt($id); $ret = true; $query = "UPDATE users SET enc_address = AES_ENCRYPT('{$address}', '{$aes_password}{$salt}') WHERE id = {$id}"; mysql_query($query) or $ret = false; return $ret; }
function changePassword($username, $newPassword) { $userArray = []; include "getUsersFromJSON.php"; if (!empty($userArray)) { for ($i = 0; $i < sizeof($userArray); $i++) { if ($userArray[$i]->{'username'} == $username) { $userArray[$i]->{'password'} = crypt($newPassword, getSalt()); break; } } $path_config_users = ""; include "paths.php"; file_put_contents($path_config_users, json_encode($userArray, JSON_PRETTY_PRINT)); } }
function passwd($oldpwd, $newpwd) { global $session; global $dbh; if (!valid_passwd($oldpwd) || !valid_user($session['user'], $oldpwd, $privilege)) { echo "&error 3"; return; } if (valid_passwd($newpwd)) { $query = sprintf("UPDATE users SET pass=%s WHERE user=%s", $dbh->quote(crypt($newpwd, getSalt())), $dbh->quote($session['user'])); if ($dbh->exec($query) == 1) { echo "&end"; return; } else { echo "&error 5"; } } else { echo "&error 4"; } }
public function login() { //Gather data from AJAX $data = json_decode(file_get_contents('php://input'), true); $return['error'] = -3; $return['value'] = null; //Sanitise inputs $result = $this->checkInput($data, array('username', 'password')); if ($result == '') { //Check if UID exists $uid = getUserUID($data['username']); if ($uid == null) { $return['error'] = -2; $return['value'] = "Invalid credentials"; } else { $saltedPw = crypt($data['password'], getSalt($data['username'])); if (checkSaltedPass($data['username'], $saltedPw)) { //Generates salt for username $salt = $this->generateSalt(); //Authenticated token $token = $data['username'] . $salt; //Authentication information $cookievars['username'] = $data['username']; $cookievars['salt'] = $salt; //Creates cookie with name of authenticated token, setcookie(user_encrypt($token), json_encode($cookievars), 0, "/"); //Returns with authenticated token $return['error'] = 0; $return['value'] = user_encrypt($token); } else { $return['error'] = -2; $return['value'] = "Invalid credentials"; } } } else { $return['error'] = -1; $return['value'] = $result; } $jsonstring = json_encode($return); echo $jsonstring; }
function overrideUserProperties($username, $password, $forbiddenProjects, $accountType, $newUsername) { $userArray = []; include "getUsersFromJSON.php"; $path_config_users = ""; include "paths.php"; if (!empty($userArray)) { for ($i = 0; $i < sizeof($userArray); $i++) { if ($userArray[$i]->{'username'} == $username) { if ($username != "admin" && $username != "public") { if ($username == "New User" && $newUsername != "admin" && $newUsername != "public") { $username = $newUsername; } if (isset($newUsername) && $newUsername != "admin" && $newUsername != "public") { $username = $newUsername; } $userArray[$i]->{'username'} = $username; $userArray[$i]->{'forbiddenProjects'} = $forbiddenProjects; $userArray[$i]->{'accountType'} = $accountType; } elseif ($username == "public") { $userArray[$i]->{'username'} = "public"; $userArray[$i]->{'forbiddenProjects'} = $forbiddenProjects; $userArray[$i]->{'accountType'} = "user"; } elseif ($username == "admin") { $userArray[$i]->{'username'} = "admin"; $userArray[$i]->{'accountType'} = "admin"; $userArray[$i]->{'forbiddenProjects'} = "[]"; } if (isset($password) && $password != "" && !is_null($password) && $username != "public") { $userArray[$i]->{'password'} = crypt($password, getSalt()); } include_once "functions.php"; file_put_contents($path_config_users, json_encode(getSortedUserArray($userArray), JSON_PRETTY_PRINT)); break; } } } }
function password($pass) { // following CakePHP hash method return sha1(getSalt() . $pass); }
$userArray = []; include "getUsersFromJSON.php"; for ($i = 0; $i < sizeof($userArray); $i++) { if ($userArray[$i]->{'username'} == $username) { if ($userArray[$i]->{'password'} == $password) { $_SESSION['loggedIn'] = $username; $returnValue = $userArray[$i]->{'accountType'}; } else { //wrong password --> returnValue doesn't need to be changed! } break; } } echo $returnValue; } if ($_SERVER['REQUEST_METHOD'] == 'POST') { $username = $_POST['username']; $password = $_POST['password']; if (isset($username) && isset($password) && $username != "" && $password != "") { include_once "functions.php"; $password = crypt($password, getSalt()); if (file_exists($path_config_users)) { checkLoginData($username, $password); } else { echo 'failure'; //file doesn't exist } } else { echo "wrongInput"; } }
</form> <?php if (isset($_POST['username']) && isset($_POST['g-recaptcha-response'])) { if (isValid()) { if (strlen($_POST['username']) >= 8) { if (strlen($_POST['phone']) == countDigits($_POST['phone'])) { $con = mysqli_connect("localhost", "root", "PASS", "secure_login"); if (mysqli_connect_errno()) { die('Could not connect: ' . mysqli_connect_error()); } $result = mysqli_query($con, "SELECT username FROM members WHERE username='******'username'] . "'"); if (mysqli_num_rows($result) == 0) { $result = mysqli_query($con, "SELECT email FROM members WHERE email='" . strtolower($_POST['email']) . "'"); if (mysqli_num_rows($result) == 0) { mysqli_query($con, "INSERT INTO members (username, password, email, phone, salt, recoveryid, recoveryValid) VALUES ('" . $_POST['username'] . "','" . strtoupper(getSalt()) . "','" . strtolower($_POST['email']) . "','" . $_POST['phone'] . "','" . strtoupper(getSalt()) . "','" . generateRandomString(16) . "','" . date("d/m/Y") . "')"); send_mail(); mysqli_close($con); $pieces = explode("@", $_POST['email']); echo "Thank you for your registration. <br/>"; echo "Please check <a href=\"" . $pieces[1] . "\">your email</a> to activate your account."; } else { echo "There is already an account associated with this email. <a href=\"index.php\">Login</a>"; } } else { echo "This username is already in use. Please try another username."; } } else { echo 'The entered phone number does not seem to be valid. Please check it and try again. ([0-9])'; } } else {
function getCryptedPassword($plaintext, $salt = '', $encryption = 'md5-hex', $show_encrypt = false) { // Get the salt to use. $salt = getSalt($encryption, $salt, $plaintext); // Encrypt the password. switch ($encryption) { case 'plain': return $plaintext; case 'sha': $encrypted = base64_encode(mhash(MHASH_SHA1, $plaintext)); return $show_encrypt ? '{SHA}' . $encrypted : $encrypted; case 'crypt': case 'crypt-des': case 'crypt-md5': case 'crypt-blowfish': return ($show_encrypt ? '{crypt}' : '') . crypt($plaintext, $salt); case 'md5-base64': $encrypted = base64_encode(mhash(MHASH_MD5, $plaintext)); return $show_encrypt ? '{MD5}' . $encrypted : $encrypted; case 'ssha': $encrypted = base64_encode(mhash(MHASH_SHA1, $plaintext . $salt) . $salt); return $show_encrypt ? '{SSHA}' . $encrypted : $encrypted; case 'smd5': $encrypted = base64_encode(mhash(MHASH_MD5, $plaintext . $salt) . $salt); return $show_encrypt ? '{SMD5}' . $encrypted : $encrypted; case 'aprmd5': $length = strlen($plaintext); $context = $plaintext . '$apr1$' . $salt; $binary = JUserHelper::_bin(md5($plaintext . $salt . $plaintext)); for ($i = $length; $i > 0; $i -= 16) { $context .= substr($binary, 0, $i > 16 ? 16 : $i); } for ($i = $length; $i > 0; $i >>= 1) { $context .= $i & 1 ? chr(0) : $plaintext[0]; } $binary = JUserHelper::_bin(md5($context)); for ($i = 0; $i < 1000; $i++) { $new = $i & 1 ? $plaintext : substr($binary, 0, 16); if ($i % 3) { $new .= $salt; } if ($i % 7) { $new .= $plaintext; } $new .= $i & 1 ? substr($binary, 0, 16) : $plaintext; $binary = JUserHelper::_bin(md5($new)); } $p = array(); for ($i = 0; $i < 5; $i++) { $k = $i + 6; $j = $i + 12; if ($j == 16) { $j = 5; } $p[] = JUserHelper::_toAPRMD5(ord($binary[$i]) << 16 | ord($binary[$k]) << 8 | ord($binary[$j]), 5); } return '$apr1$' . $salt . '$' . implode('', $p) . JUserHelper::_toAPRMD5(ord($binary[11]), 3); case 'md5-hex': default: $encrypted = $salt ? md5($plaintext . $salt) : md5($plaintext); return $show_encrypt ? '{MD5}' . $encrypted : $encrypted; } }
ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); session_start(); include 'functions.php'; if (isset($_GET['email']) && isset($_GET['password'])) { $con = mysqli_connect("localhost", "root", "PASS", "secure_login"); if (mysqli_connect_errno()) { die('Could not connect: ' . mysqli_connect_error()); } $result = mysqli_query($con, "SELECT email FROM members WHERE email='" . strtolower($_GET['email']) . "'"); if (mysqli_num_rows($result) != 0) { $result = mysqli_fetch_assoc(mysqli_query($con, "SELECT * FROM members WHERE email='" . strtolower($_GET['email']) . "'")); if (strtoupper(hash('sha512', $_GET['password'] . $result['salt'])) == $result['password']) { $_SESSION['login'] = getSalt(); $_SESSION['loginTime'] = date('H:i:s'); $_SESSION['loginDate'] = date('Y/m/d '); $_SESSION['email'] = $_GET['email']; $_SESSION['username'] = $result['username']; $_SESSION['phone'] = $result['phone']; mysqli_query($con, "DELETE FROM `sessions` WHERE `sessions`.`email` = '" . strtolower($_GET['email']) . "'"); mysqli_query($con, "INSERT INTO sessions (email, sessionId, loginTime, loginDate) VALUES ('" . strtolower($_GET['email']) . "', '" . $_SESSION['login'] . "', '" . $_SESSION['loginTime'] . "', '" . $_SESSION['loginDate'] . "')"); if (check_login() == 0) { echo 'LOGIN_SUCCESS<br />' . $_SESSION['login'] . '<br />' . $_SESSION['username'] . '<br />' . $_SESSION['email'] . '<br />' . $_SESSION['phone']; } else { if (check_login() == 1) { echo 'ERROR_EXPIRED'; session_destroy(); } }
<?php if (!isset($_SESSION)) { session_start(); } include_once "functions.php"; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $oldPassword = $_POST['oldPassword']; $username = $_SESSION['loggedIn']; $password = $_POST['password']; if (isUserAdmin($username) || isset($oldPassword) && crypt($oldPassword, getSalt()) == getPassword($username)) { include_once "functions.php"; changePassword($username, $password); } else { echo "denied"; } }
function checkCookies(&$forceLogin, &$error, $ignoreBlanks) { $forceLogin = TRUE; $error = ""; global $sessionDuration; dbgSquirt("==============Function: checkCoookies =============="); dbgSquirt('Cookie --' . dbgShowFile($_COOKIE)); if (isset($_COOKIE['user']) && !empty($_COOKIE['user']) && isset($_COOKIE['authentication']) && !empty($_COOKIE['authentication'])) { // both user and authentication cookies are set and non-blank // dbgSquirt("Cookies set and non-empty"); $userCookie = $_COOKIE['user']; $authenticationCookie = $_COOKIE['authentication']; $time = time(); // dbgSquirt("Getting salt"); if (getSalt($salt)) { // dbgSquirt("...salt gotten"); // dbgSquirt("Encrypting"); if (sha1($userCookie . $salt) == $authenticationCookie) { // authentication passed // so reset expiration on cookies // dbgSquirt("Cookie matches encryption"); // dbgSquirt("Resetting cookies"); // dbgSquirt("Time -- $time"); // dbgSquirt("Time + Duration -- ". ($time+$sessionDuration)); $result = setcookie("user", $userCookie, $time + $sessionDuration); $result1 = setcookie("authentication", $authenticationCookie, $time + $sessionDuration); if (TRUE == $result && TRUE == $result1) { // everything worked // dbgSquirt("Everything worked ... no need to forceLogin"); $forceLogin = FALSE; } else { $error = "Internal error -- problem while creating cookies. Please contact an administrator."; } } else { // credentials in cookies don't match. // dbgSquirt("Cookie does NOT match encryption"); $error = "Authentication error -- The supplied credentials don't match our stored values. Please reauthenticate and try again."; } } else { // dbgSquirt("...error while getting salt"); // error while trying to get salt value $error = "Internal error -- unable to validate supplied credentials. Please reauthenticate and try again."; } } else { // cookies were unset or contained empty values // dbgSquirt("Cookies unset or empty"); if (FALSE == $ignoreBlanks) { $error = "Please log in."; } } dbgSquirt("Returning -- " . empty($error)); return empty($error); }
public function getHashedPassword($userName, $password) { $salt = getSalt($userName); $passwordHashed = crypt($password, $salt); return substr($passwordHashed, strlen($salt)); }
$username = $_POST['username']; $password = $_POST['password']; $encryptedPassword = createPassword($username, $password); $state = validateUser($username, $encryptedPassword); if ("N" == $state) { dbgSquirt('Not a valid user'); $error = "Authentication error -- Invalid username/password combination."; } else { if ("A" == $state) { // active account and username/password match dbgSquirt('Active account matched.'); // if we haven't already looked up the salt, do so now $result = TRUE; if (empty($salt)) { dbgSquirt('Getting salt'); $result = getSalt($salt); } if (FALSE == $result) { // uh-oh ... we got an error getting the salt dbgSquirt('Error in getSalt'); $error = "Internal error -- failure while processing login. Please contact an administrator."; } else { dbgSquirt('Extending cookies'); dbgSquirt("Time -- {$time}"); dbgSquirt("Time + Duration -- " . ($time + $sessionDuration)); $result = setcookie("user", $username, $time + $sessionDuration); $result1 = setcookie("authentication", sha1($username . $salt), $time + $sessionDuration); if (TRUE == $result && TRUE == $result1) { // everything worked dbgSquirt('Everything worked.'); $forceLogin = FALSE;
public function chgpwd() { if (!$this->isPost()) { $this->user('修改密码'); exit; } $id = getUserId(); $oldpassword = $this->_post('oldpassword', 'mysql_escape_string'); $password = $this->_post('password', 'mysql_escape_string'); $model = D("User"); $data = $model->where("id={$id}")->find(); //校验 if ($data['password'] == pwdHash($oldpassword . $data['salt'])) { $data['salt'] = getSalt(); $data['password'] = pwdHash($password . $data['salt']); $model->where("id={$id}")->save($data); $this->success($model->getError()); } else { $this->error("原密码错误!"); } }
function hashPasswd($password) { return md5($password . getSalt()); }
} mq("UPDATE users SET firstname='" . addslashes($_POST["firstname"]) . "', lastname='" . addslashes($_POST["lastname"]) . "', login='******', email='" . addslashes($_POST["email"]) . "' WHERE id='" . intval($_POST["id"]) . "';"); $_REQUEST["msg"] = _("Account edited successfully"); $_REQUEST["action"] = ""; } break; case "docreate": // CREATE // search for existing login : $already = mqone("SELECT * FROM users WHERE login='******';"); if ($already) { $_REQUEST["error"] = _("This login is already used, please choose another one"); $_REQUEST["action"] = "create"; } else { $pass = mkpass(); mq("INSERT INTO users SET firstname='" . addslashes($_POST["firstname"]) . "', lastname='" . addslashes($_POST["lastname"]) . "', login='******', email='" . addslashes($_POST["email"]) . "', pass='******', role=0;"); // FIXME: set the default role // Send the new password to the user's email : mail($_POST["email"], sprintf(_("Account created on https://%s"), $_SERVER["HTTP_HOST"]), sprintf(_("Hello,\nYour new account has just been created on https://%s\nPlease go there to login and change your password.\nYour login is %s\nand your password is %s\n\nThanks\n"), $_SERVER["HTTP_HOST"], $_REQUEST["login"], $pass)); $_REQUEST["msg"] = _("Account created successfully"); $_REQUEST["action"] = ""; } break; } // SWITCH require_once "head.php"; require_once "menu.php"; require "messagebox.php"; ?> <div class="container-fluid main">
//$_SESSION['token'] = $results[SP::TOKEN]; $loggedIn = true; break; default: // We don't care WHAT went wrong; this just means that the user's not logged in, which is all we need to know right now. header("Location: logout.php?error=" . $results[SP::ERROR]); break; } } if ($loggedIn) { // Already logged in header("Location: profile.php"); exit; } $username = $_POST['username']; $results = getSalt($db, $username); switch ($results[SP::ERROR]) { case ERR::OK: $password = $_POST['password']; $hash = hashPasswordCustomSalt($password, $results[LOGIN::SALT]); $results = login($db, $username, $hash); $loginToken = $results[SP::TOKEN]; switch ($results[SP::ERROR]) { case ERR::OK: $results = getUserID($db, $username); switch ($results[SP::ERROR]) { case ERR::OK: $_SESSION['token'] = $loginToken; $_SESSION['id'] = $results[USER::ID]; $_SESSION['permission'] = $results[PERMISSION::LEVEL]; header("Location: profile.php");
if ($width3 > 1440 or $height3 > 900) { $nationalIDCardScan = ""; $imageFail = TRUE; } } if ($citizenship1PassportScan != "") { $size4 = getimagesize($path . "/" . $citizenship1PassportScan); $width4 = $size4[0]; $height4 = $size4[1]; if ($width4 > 1440 or $height4 > 900) { $citizenship1PassportScan = ""; $imageFail = TRUE; } } } $salt = getSalt(); $passwordStrong = hash("sha256", $salt . $password); //Write to database try { $data = array("title" => $title, "surname" => $surname, "firstName" => $firstName, "preferredName" => $preferredName, "officialName" => $officialName, "nameInCharacters" => $nameInCharacters, "gender" => $gender, "username" => $username, "passwordStrong" => $passwordStrong, "passwordStrongSalt" => $salt, "status" => $status, "canLogin" => $canLogin, "passwordForceReset" => $passwordForceReset, "gibbonRoleIDPrimary" => $gibbonRoleIDPrimary, "gibbonRoleIDAll" => $gibbonRoleIDPrimary, "dob" => $dob, "email" => $email, "emailAlternate" => $emailAlternate, "address1" => $address1, "address1District" => $address1District, "address1Country" => $address1Country, "address2" => $address2, "address2District" => $address2District, "address2Country" => $address2Country, "phone1Type" => $phone1Type, "phone1CountryCode" => $phone1CountryCode, "phone1" => $phone1, "phone2Type" => $phone2Type, "phone2CountryCode" => $phone2CountryCode, "phone2" => $phone2, "phone3Type" => $phone3Type, "phone3CountryCode" => $phone3CountryCode, "phone3" => $phone3, "phone4Type" => $phone4Type, "phone4CountryCode" => $phone4CountryCode, "phone4" => $phone4, "website" => $website, "languageFirst" => $languageFirst, "languageSecond" => $languageSecond, "languageThird" => $languageThird, "countryOfBirth" => $countryOfBirth, "ethnicity" => $ethnicity, "citizenship1" => $citizenship1, "citizenship1Passport" => $citizenship1Passport, "citizenship1PassportScan" => $citizenship1PassportScan, "citizenship2" => $citizenship2, "citizenship2Passport" => $citizenship2Passport, "religion" => $religion, "nationalIDCardNumber" => $nationalIDCardNumber, "nationalIDCardScan" => $nationalIDCardScan, "residencyStatus" => $residencyStatus, "visaExpiryDate" => $visaExpiryDate, "emergency1Name" => $emergency1Name, "emergency1Number1" => $emergency1Number1, "emergency1Number2" => $emergency1Number2, "emergency1Relationship" => $emergency1Relationship, "emergency2Name" => $emergency2Name, "emergency2Number1" => $emergency2Number1, "emergency2Number2" => $emergency2Number2, "emergency2Relationship" => $emergency2Relationship, "profession" => $profession, "employer" => $employer, "jobTitle" => $jobTitle, "attachment1" => $attachment1, "gibbonHouseID" => $gibbonHouseID, "studentID" => $studentID, "dateStart" => $dateStart, "gibbonSchoolYearIDClassOf" => $gibbonSchoolYearIDClassOf, "lastSchool" => $lastSchool, "transport" => $transport, "transportNotes" => $transportNotes, "lockerNumber" => $lockerNumber, "vehicleRegistration" => $vehicleRegistration, "privacy" => $privacy, "agreements" => $agreements, "dayType" => $dayType); $sql = "INSERT INTO gibbonPerson SET title=:title, surname=:surname, firstName=:firstName, preferredName=:preferredName, officialName=:officialName, nameInCharacters=:nameInCharacters, gender=:gender, username=:username, password='', passwordStrong=:passwordStrong, passwordStrongSalt=:passwordStrongSalt, status=:status, canLogin=:canLogin, passwordForceReset=:passwordForceReset, gibbonRoleIDPrimary=:gibbonRoleIDPrimary, gibbonRoleIDAll=:gibbonRoleIDAll, dob=:dob, email=:email, emailAlternate=:emailAlternate, address1=:address1, address1District=:address1District, address1Country=:address1Country, address2=:address2, address2District=:address2District, address2Country=:address2Country, phone1Type=:phone1Type, phone1CountryCode=:phone1CountryCode, phone1=:phone1, phone2Type=:phone2Type, phone2CountryCode=:phone2CountryCode, phone2=:phone2, phone3Type=:phone3Type, phone3CountryCode=:phone3CountryCode, phone3=:phone3, phone4Type=:phone4Type, phone4CountryCode=:phone4CountryCode, phone4=:phone4, website=:website, languageFirst=:languageFirst, languageSecond=:languageSecond, languageThird=:languageThird, countryOfBirth=:countryOfBirth, ethnicity=:ethnicity, citizenship1=:citizenship1, citizenship1Passport=:citizenship1Passport, citizenship2=:citizenship2, citizenship2Passport=:citizenship2Passport, religion=:religion, nationalIDCardNumber=:nationalIDCardNumber, nationalIDCardScan=:nationalIDCardScan, citizenship1PassportScan=:citizenship1PassportScan, residencyStatus=:residencyStatus, visaExpiryDate=:visaExpiryDate, emergency1Name=:emergency1Name, emergency1Number1=:emergency1Number1, emergency1Number2=:emergency1Number2, emergency1Relationship=:emergency1Relationship, emergency2Name=:emergency2Name, emergency2Number1=:emergency2Number1, emergency2Number2=:emergency2Number2, emergency2Relationship=:emergency2Relationship, profession=:profession, employer=:employer, jobTitle=:jobTitle, image_240=:attachment1, gibbonHouseID=:gibbonHouseID, studentID=:studentID, dateStart=:dateStart, gibbonSchoolYearIDClassOf=:gibbonSchoolYearIDClassOf, lastSchool=:lastSchool, transport=:transport, transportNotes=:transportNotes, lockerNumber=:lockerNumber, vehicleRegistration=:vehicleRegistration, privacy=:privacy, studentAgreements=:agreements, dayType=:dayType"; $result = $connection2->prepare($sql); $result->execute($data); } catch (PDOException $e) { //Fail 2 $URL .= "&addReturn=fail2"; header("Location: {$URL}"); break; } //Unlock tables try {
<?php $salt_names = array('Filename', 'SaltKey', 'Session'); /** * Get a random and unique salt string of the length specified * * @param $length_bits The number of bits to generate * * @return A random salt */ function getSalt($length_bits = 256) { $bytes = openssl_random_pseudo_bytes($length_bits / 8); $hex = bin2hex($bytes); return $hex; } if (file_exists(__DIR__ . '\\salts.php')) { print "An existing salts.php file was found, keeping existing values.\n"; require __DIR__ . '\\salts.php'; } $fileContent = file_get_contents(__DIR__ . '\\salts.template.php'); foreach ($salt_names as $saltName) { $value = getSalt(); if (defined("Config_Salts::{$saltName}")) { $value = constant("Config_Salts::{$saltName}"); } else { print "{$saltName} does not exist in old file, adding it.\n"; } $fileContent = str_replace('%' . $saltName . '%', $value, $fileContent); } file_put_contents(__DIR__ . '\\salts.php', $fileContent);