Пример #1
0
function login($username, $password)
{
    $res = $GLOBALS['db']->select('user', ['name' => $username]);
    /* For update from 1.4 */
    /* This code will be removed in 1.6 */
    if (strlen($res[0]['pass']) == 32) {
        if ($res[0]['pass'] == md5($password)) {
            $GLOBALS['db']->update('user', ['pass' => password_hash($password, PASSWORD_DEFAULT)], ['name' => $username]);
            $passphrase['b'] = md5_128($password);
            $iv = substr(md5("<X" . $passphrase['b'], true), 0, 8);
            $key = substr(md5("-üØ" . $passphrase['b'], true) . md5("-üÙ" . $passphrase['b'], true), 0, 24);
            foreach ($GLOBALS['db']->select("file", ["owner" => $username]) as $value) {
                $passphrase['a'] = $value['secret'];
                $passphrase['c'] = rtrim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $passphrase['a'], MCRYPT_MODE_CBC, $iv)), "");
                $GLOBALS['db']->update('file', ['secret' => $passphrase['c']], ['id' => $value['id']]);
            }
            return true;
        } else {
            return false;
        }
    }
    /* Update Code End */
    if (password_verify($password, $res[0]['pass'])) {
        return true;
    } else {
        return false;
    }
}
Пример #2
0
include dirname(__FILE__ . '/class/password_compat.php');
function md5_128($text)
{
    for ($i = 0; $i < 128; ++$i) {
        $text = md5($text);
    }
    return $text;
}
$re = 0;
if (isset($_POST['pass']) && isset($_POST['pass2'])) {
    if ($_POST['pass'] != $_POST['pass2']) {
        $re = 1;
    } else {
        if ($_POST['pass'] != null) {
            $db->update('user', ['pass' => password_hash($_POST['pass'], PASSWORD_DEFAULT)], ['name' => $_SESSION['username']]);
            $new_password = md5_128($_POST['pass']);
            foreach ($db->select("file", ["owner" => $_SESSION['username']]) as $value) {
                /* Change Key */
                /* Get original key */
                $passphrase['b'] = $_SESSION['password'];
                $passphrase['c'] = $value['secret'];
                $iv = substr(md5("<X" . $passphrase['b'], true), 0, 8);
                $key = substr(md5("-üØ" . $passphrase['b'], true) . md5("-üÙ" . $passphrase['b'], true), 0, 24);
                $passphrase['a'] = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, base64_decode($passphrase['c']), MCRYPT_MODE_CBC, $iv), "");
                /* Update new key */
                $passphrase['b'] = $new_password;
                $iv = substr(md5("<X" . $passphrase['b'], true), 0, 8);
                $key = substr(md5("-üØ" . $passphrase['b'], true) . md5("-üÙ" . $passphrase['b'], true), 0, 24);
                $passphrase['c'] = rtrim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $passphrase['a'], MCRYPT_MODE_CBC, $iv)), "");
                $db->update('file', ['secret' => $passphrase['c']], ['id' => $value['id']]);
            }
Пример #3
0
        $err = 2;
    } elseif ($username == "") {
        $err = 0;
    } elseif ($email == "") {
        $err = 0;
    } elseif ($password == "") {
        $err = 0;
    } elseif ($password != $password2) {
        $err = 1;
    } elseif (strtolower($_POST["captcha"]) != strtolower($_SESSION['captcha']['code'])) {
        $err = 4;
    } else {
        $db->insert(["name" => $username, "pass" => password_hash($password, PASSWORD_DEFAULT), "email" => $email], "user");
        $_SESSION['login'] = true;
        $_SESSION['username'] = $username;
        $_SESSION['password'] = md5_128($password);
        header("Location: home.php");
        exit;
    }
}
$_SESSION['captcha'] = simple_php_captcha();
?>
    <!DOCTYPE html>
    <html>

    <head>
        <title>註冊 -
            <?php 
echo $config["sitename"];
?>
        </title>