function check_mer_signature($mer_signature, $array, $password) { $comparator = mer_signature($array) . $password; if (strtoupper($mer_signature) == strtoupper(hash256($comparator))) { return true; } else { return false; } }
<?php require 'config.php'; // Attempt to log in if (isset($_GET['login'])) { $login = $_POST['login']; $password = $_POST['password']; // Construct $crud->table = "user"; $result = $crud->select('*', ['login' => $login, 'password' => hash256($password)]); // There is a match if (!empty($result)) { $user_id = $result[0]['user_id']; $type = $result[0]['type']; $_SESSION['user_id'] = $user_id; $_SESSION['type'] = $type; $crud->update(['date_logged' => DATETIME], ['user_id' => $user_id]); redirect('dashboard.php'); exit; } echo "<div class='alert alert-danger' role='alert'>Invalid user!</div>"; } if (isset($_GET['logout'])) { session_destroy(); echo "<div class='alert alert-danger' role='alert'>Logged user out!</div>"; } ?> <?php include 'header.php'; ?>
// Error checking if (strlen($login) == 0) { $errors[] = "Login is required!"; } if (strlen($password) == 0) { $errors[] = "Password is required!"; } if ($password != $password_confirm) { $errors[] = "Passwords do not match!"; } if (strlen($email) == 0) { $errors[] = "Email is required!"; } // Success if (empty($errors)) { $user_id = $crud->insert(['login' => $login, 'password' => hash256($password), 'email' => $email]); if (!$user_id) { $errors[] = "Problem with creating a user!"; } else { redirect('user.php'); exit; } } } if (isset($_GET['delete'])) { $user_id = $_GET['delete']; $result = $crud->delete(['user_id' => $user_id]); if ($result) { redirect('user.php'); } else { $errors[] = "Problem deleting the user!";
if (empty($errors)) { $result = $crud->update(['login' => $login, 'email' => $email], ['user_id' => $id]); $result; } } if (isset($_GET['change_password'])) { $password = $_POST['password']; $password_confirm = $_POST['password_confirm']; if (strlen($password) == 0) { $errors[] = "Password is required!"; } if ($password != $password_confirm) { $errors[] = "Passwords do not match!"; } if (empty($errors)) { $result = $crud->update(['password' => hash256($password)], ['user_id' => $id]); $result; } } ?> <?php include 'header.php'; ?> <div class="create"> <div class="container col-md-offset-3 col-md-3"> <h1>User Management</h1> <a class="btn btn-md btn-success" href="dashboard.php">Dashboard</a> <a class="btn btn-md btn-danger" href="index.php?logout">Logout</a> <br /><br />