示例#1
                 }
                 output_message('notice', '<b>' . $lang['change_mail'] . '</b><meta http-equiv=refresh content="2;url=index.php?n=account&sub=manage">');
             }
         } else {
             output_message('alert', '<b>' . $lang['reg_checkemailex'] . '</b><meta http-equiv=refresh content="2;url=index.php?n=account&sub=manage">');
         }
     } else {
         output_message('alert', '<b>' . $lang['bad_mail'] . '</b><meta http-equiv=refresh content="2;url=index.php?n=account&sub=manage">');
     }
 } elseif ($_GET['action'] == 'changepass') {
     // Password-change branch: take the new password from the POST body, store its
     // hash for the current $user and clear the cached login material for that row.
     // NOTE(review): no current-password check or anti-CSRF token is visible in this
     // fragment; confirm both are enforced before this branch is reached.
     $newpass = trim($_POST['new_pass']);
     // Only rule applied: at least 4 bytes after trimming (strlen counts bytes, not characters).
     if (strlen($newpass) > 3) {
         // Clear sessionkey, s and v so values derived from the old password are not reused.
         // presumably s/v are verifier material cached by the game server; verify against the schema.
         $DB->query("UPDATE account SET sessionkey = NULL WHERE id=?", $user['id']);
         $DB->query("UPDATE account SET s = NULL WHERE id=?", $user['id']);
         $DB->query("UPDATE account SET v = NULL WHERE id=?", $user['id']);
         // sha_password() is defined outside this fragment; its result is upper-cased before storage.
         $sha_pass = sha_password($user['username'], $newpass);
         $DB->query("UPDATE account SET sha_pass_hash=? WHERE id=?", strtoupper($sha_pass), $user['id']);
         // SECURITY: with use_purepass_table enabled, $newpass itself is bound to
         // account_pass.password below, i.e. the password is kept in cleartext next to
         // the username and e-mail. Any read access to that table (backup, SQL dump,
         // injection elsewhere in the site) then discloses every password directly.
         // Keep the option off unless a consumer of the table genuinely needs it.
         if ((int) $MW->getConfig->generic->use_purepass_table) {
             $count_occur = $DB->selectCell("SELECT count(*) FROM account_pass WHERE id=?d", $user['id']);
             if ($count_occur) {
                 // Row already exists for this account: overwrite the stored password.
                 $DB->query("UPDATE account_pass SET password=? WHERE id=?d LIMIT 1", $newpass, $user['id']);
             } else {
                 // First change for this account: create the row.
                 $DB->query("INSERT INTO account_pass SET id=?d, username=?, password=?, email=?", $user['id'], $user['username'], $newpass, $user['email']);
             }
         }
         // Disabled code: it rebuilt the login cookie from a digest chain over the new hash.
         //$uservars_hash_new = serialize(array($user['id'], sha1(base64_encode(md5(utf8_encode($sha_pass))))));
         //setcookie((string)$MW->getConfig->generic->site_cookie, $uservars_hash_new, time()+(60*60*24*365),$MW->getConfig->temp->site_href,$MW->getConfig->temp->site_domain); // expires in 365 days
         // Success notice; the embedded meta refresh returns to the account page after 2 seconds.
         output_message('notice', '<b>' . $lang['change_pass_succ'] . '</b><meta http-equiv=refresh content="2;url=index.php?n=account&sub=manage">');
     } else {
         // Password too short: nothing is written, the user is sent back to the account page.
         output_message('alert', '<b>' . $lang['change_pass_short'] . '</b><meta http-equiv=refresh content="2;url=index.php?n=account&sub=manage">');
     }
示例#2
  </head>
  <body>
    <div id="embedded-login">
      <h2>World of Warcraft</h2>
  <?php 
if (!isset($_SESSION['username'])) {
    if (isset($_POST['accountName'])) {
        $accountName = stripslashes($_POST['accountName']);
        $accountPass = stripslashes($_POST['password']);
        /**
         * Build the account hash: SHA-1 over "USER:PASS" with both parts upper-cased.
         *
         * Security note: this is a single unsalted SHA-1 round and the upper-casing
         * makes the password case-insensitive, so the digest offers little resistance
         * to offline guessing if the account table is disclosed. The caller stores the
         * result in $sha_pass_hash; the format presumably has to match what the account
         * table's other readers expect, so it cannot be strengthened in this function alone.
         *
         * @param string $user Account name.
         * @param string $pass Cleartext password.
         * @return string 40-character hexadecimal digest.
         */
        function sha_password($user, $pass)
        {
            return sha1(strtoupper($user) . ':' . strtoupper($pass));
        }
        $sha_pass_hash = sha_password($accountName, $accountPass);
        $db_setup = mysql_select_db($server_adb, $connection_setup) or die(mysql_error());
        $login_query = mysql_query("SELECT * FROM account WHERE username = '******'");
        $login = mysql_fetch_assoc($login_query);
        if ($login) {
            ?>
      <style type="text/css">
      .loader {
        width:24px;
        height:24px;
        background: url("wow/static/images/loaders/canvas-loader.gif") no-repeat;
       }
      </style>
      <center>
      <h3>Logging In</h3><br />
      <div class="loader"></div>
示例#3
       <?php 
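 if (isset($error) && count($error) > 0) {
     // Validation errors were collected earlier on the page: list them, then reload after 2 seconds.
     echo '<div class="errors">';
     foreach ($error as $errors) {
         // NOTE(review): messages are printed unescaped; confirm none of them embeds request data.
         echo "<font color='red'>*" . $errors . "</font><br />";
     }
     echo '</div>';
     // Fix: the meta tag was emitted without its closing '>'.
     echo '<meta http-equiv="refresh" content="2">';
 } else {
     /**
      * Build the account hash: SHA-1 over "USER:PASS" with both parts upper-cased.
      *
      * Security note: unsalted, single-round SHA-1 over a case-folded password; the
      * value is written to account.sha_pass_hash below, so the format cannot be
      * changed here without changing whatever else reads that column.
      *
      * @param string $user Account name.
      * @param string $pass Cleartext password.
      * @return string 40-character hexadecimal digest.
      */
     function sha_password($user, $pass)
     {
         $user = strtoupper($user);
         $pass = strtoupper($pass);
         return SHA1($user . ':' . $pass);
     }
     $sha_pass_hash = strtoupper(sha_password($accountName, $accountPass));
     // Fix: the account name and e-mail were concatenated into the INSERT unescaped
     // (only the hash was escaped). Every value placed in the SQL text is now escaped.
     $safe_name = mysql_real_escape_string(strtoupper($accountName));
     $safe_email = mysql_real_escape_string($accountEmail);
     // Fix: intval() kept only the leading digits of the address, so last_ip never
     // held a usable IP. Store the full address string instead.
     $ip = mysql_real_escape_string((string) $_SERVER['REMOTE_ADDR']);
     // NOTE(review): die(mysql_error()) prints raw database errors to the visitor;
     // log them server-side and show a generic message instead.
     $register_query = mysql_query("INSERT INTO account (username,sha_pass_hash,email,last_ip,expansion) VALUES ('" . $safe_name . "','" . mysql_real_escape_string($sha_pass_hash) . "','" . $safe_email . "','" . $ip . "','2')") or die(mysql_error());
     // NOTE(review): the username literal below is shown masked in this listing;
     // whatever value is interpolated there needs the same escaping as the INSERT above.
     $accinfoq = mysql_query("SELECT * FROM account WHERE username = '******'");
     $accinfo = mysql_fetch_assoc($accinfoq) or die(mysql_error());
     // Switch to the site database and create the matching users row.
     mysql_select_db($server_db, $connection_setup) or die(mysql_error());
     $register_query = mysql_query("INSERT INTO users(id) VALUES ('" . mysql_real_escape_string($accinfo['id']) . "')");
     echo '<div class="success">';
     // Fix: the account name is HTML-escaped before being echoed back into the page.
     echo htmlspecialchars($accountName, ENT_QUOTES, 'UTF-8') . ' has been successfully created.';
     echo '</div>';
     // NOTE(review): the visitor is logged in without the session id being rotated;
     // output has already started here, so the rotation has to happen before any HTML is sent.
     $_SESSION['username'] = $accountName;
     // Fix: the meta tag was emitted without its closing '>'.
     echo '<meta http-equiv="refresh" content="2;url=index.php">';
 }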
 ?>
       
       </center>
示例#4
<?php

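//Refuse direct access
if (!defined("125125CMS")) {
    exit;
}
// Login handler. Both fields must be present and plain strings: PHP turns a
// parameter sent as `username[]=...` into an array, which would otherwise reach
// the hashing helper and the session unchanged.
if (isset($_POST['username'], $_POST['password']) && is_string($_POST['username']) && is_string($_POST['password'])) {
    $username = $_POST['username'];
    // sha_password() is defined elsewhere; presumably it returns a hex digest.
    $password = sha_password($username, $_POST['password']);
    $mysqli->select_db($acc_db);
    // NOTE(review): the username literal is shown masked in this listing. Whatever is
    // interpolated there must not be the raw $_POST value; bind it through a prepared
    // statement or escape it with $mysqli->real_escape_string() first.
    // NOTE(review): die($mysqli->error) prints raw database errors to the visitor.
    $check_account = $mysqli->query("SELECT * FROM `account` WHERE username='******' and sha_pass_hash='{$password}'") or die($mysqli->error);
    $count = $check_account->num_rows;
    if ($count == 1) {
        // Fix: rotate the session id at the privilege change so an id known before
        // login cannot be reused afterwards.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['username'] = $username;
        header("Location: index.php?p=index");
        // Fix: stop here so nothing after the redirect header runs or is rendered.
        exit;
    } else {
        echo 'Wrong username/password !';
    }
}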
示例#5
<?php

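// Refuse direct access: the including front controller is expected to define INCLUDED.
if (INCLUDED !== true) {
    exit;
}
// ==================== //
$pathway_info[] = array('title' => $lang['login'], 'link' => '');
// ==================== //
// Fix: read the request fields defensively; the original indexed $_REQUEST and
// $_SERVER directly and raised notices whenever a field or the Referer was absent.
$login_action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
// The Referer header is supplied by the client. redirect() is defined elsewhere;
// NOTE(review): confirm it only accepts targets on this site.
$login_return_to = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
// NOTE(review): $_REQUEST also accepts these fields from the query string, so
// credentials can end up in URLs and server logs, and logout can be triggered by a
// plain link. Restricting both actions to POST with a per-session token avoids that.
if ($login_action === 'login') {
    // Fix: only attempt a login when both fields are present and are strings.
    if (isset($_REQUEST['login'], $_REQUEST['pass']) && is_string($_REQUEST['login']) && is_string($_REQUEST['pass'])) {
        $login = $_REQUEST['login'];
        // sha_password() is defined elsewhere; its result is passed on as sha_pass_hash.
        $pass = sha_password($login, $_REQUEST['pass']);
        if ($auth->login(array('username' => $login, 'sha_pass_hash' => $pass))) {
            redirect($login_return_to, 1);
        }
    }
} elseif ($login_action === 'logout') {
    $auth->logout();
    redirect($login_return_to, 1);
}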
示例#6
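// Final installer step: connect with the database settings submitted in the form and
// give the named account the administrator group (g_id 4), creating it if needed.
// SECURITY: anyone who can reach this script can do the same, which is why the
// closing message asks for DISABLE_INSTALLER.php to be added once installation is done.
mysql_connect($_POST['db_host'].":".$_POST['db_port'], $_POST['db_username'], $_POST['db_password']);
mysql_select_db($_POST['db_name']);
// Fix: the account name was concatenated raw into four SQL statements and two HTML
// messages. Escape it once for SQL and once for HTML and use only those copies.
$account_sql = mysql_real_escape_string($_POST['account']);
$account_html = htmlspecialchars($_POST['account'], ENT_QUOTES, 'UTF-8');
//Giving root admin rights to the given account
// Fix: LIKE treats % and _ in the submitted name as wildcards; an exact match is intended.
$accountid = mysql_query("SELECT `id` FROM `account` WHERE `username` = '".$account_sql."'");
$checkacc = mysql_num_rows($accountid);
if ($checkacc == 1) {
    // Account exists
    $accountid = mysql_fetch_row($accountid);
    // The id comes from the database, but it is still forced to an integer before reuse.
    mysql_query("UPDATE `account_extend` SET `g_id` = '4' WHERE `account_id` = ".(int) $accountid[0]." LIMIT 1 ;");
    echo "Congratulations, your TrinityWeb is now installed!<br /><br />Installation finished successfully, now you can login with your administrator account on the <a href=\"../index.php\">site index</a>,  ".$account_html.", and do the further configurations!";
}
else {
    // No such account, creating one, in this case pwd is needed, so checking whether it's provided...
    // empty() gives the same truth test as the original without a notice on a missing field.
    if (empty($_POST['passw']) || empty($_POST['passw2'])) {die('Error!<br /><br />One or more fileds were left empty. Please <a href="javascript: history.go(-1)">go back</a> and correct it.');}
    // Fix: strict comparison; with != two different numeric-looking strings
    // (for example "1e3" and "1000") compare as equal.
    if ($_POST['passw'] !== $_POST['passw2']) {die('Error!<br /><br />Passwords didn\'t match. Please <a href="javascript: history.go(-1)">go back</a> and correct it.');}
    // sha_password() is defined elsewhere; its result is stored in account.sha_pass_hash.
    $password = sha_password($_POST['account'], $_POST['passw']);
    mysql_query("INSERT INTO `account` (`username`, `sha_pass_hash`) VALUES ('".$account_sql."', '".mysql_real_escape_string($password)."' );");
    $accountid = mysql_query("SELECT `id` FROM `account` WHERE `username` = '".$account_sql."'");
    $accountid = mysql_fetch_row($accountid);
    mysql_query("INSERT INTO `account_extend` (`account_id`, `g_id`) VALUES ('".(int) $accountid[0]."', '4');");
    echo "Congratulations, your TrinityWeb is now installed!<br /><br />Installation finished successfully, now you can login with your administrator account,  ".$account_html.", on the <a href=\"../index.php\">site index</a> and do the further configurations!";
    echo "<br/><br/><strong><font color=\"red\">To disable this function and avoid misuse add a file named DISABLE_INSTALLER.php to your install folder to disable the installer!</font></strong>";
}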
}
?>
</div>
</div>
<br /><br />
</div>
</div>
</body></html>
示例#7
         $txt['daylist'] .= "<option value='{$i}'" . ($i == $profile['bd_day'] ? ' selected' : '') . "> {$i} </option>\n";
     }
     for ($i = 1; $i <= 12; $i++) {
         $txt['monthlist'] .= "<option value='{$i}'" . ($i == $profile['bd_month'] ? ' selected' : '') . "> {$i} </option>\n";
     }
     for ($i = 1950; $i <= date('Y'); $i++) {
         $txt['yearlist'] .= "<option value='{$i}'" . ($i == $profile['bd_year'] ? ' selected' : '') . "> {$i} </option>\n";
     }
     $profile['signature'] = str_replace('<br />', '', $profile['signature']);
 } elseif ($_GET['action'] == 'changepass') {
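     // Admin-side password reset for the member selected by the id query parameter.
     // NOTE(review): the admin-rights check and any anti-CSRF token are not visible in
     // this fragment; confirm both are enforced before this branch is reached.
     $newpass = trim($_POST['new_pass']);
     // Fix: the id was taken from the query string and interpolated into three SQL
     // statements and into the HTML below. It is forced to an integer once and then
     // bound through the ?d placeholder this file already uses in the ban/unban branches.
     $safe_id = (int) $_GET['id'];
     // Only rule applied: at least 4 bytes after trimming.
     if (strlen($newpass) > 3) {
         $id = $safe_id;
         $maneresu = $DB->selectCell("SELECT username FROM account WHERE id=?d", $id);
         // Drop the stored session key for the account.
         $DB->query("UPDATE account SET sessionkey = NULL WHERE id=?d", $id);
         // sha_password() is defined elsewhere; the hash is bound rather than interpolated.
         $sha_pass = sha_password($maneresu, $newpass);
         $DB->query("UPDATE account SET sha_pass_hash=? WHERE id=?d", $sha_pass, $id);
         output_message('notice', '<b>' . $lang['change_pass_succ'] . '</b><meta http-equiv=refresh content="2;url=index.php?n=admin&sub=members&id=' . $safe_id . '">');
     } else {
         output_message('alert', '<b>' . $lang['change_pass_short'] . '</b><meta http-equiv=refresh content="2;url=index.php?n=admin&sub=members&id=' . $safe_id . '">');
     }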
 } elseif ($_GET['action'] == 'ban') {
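     // Ban branch: record an account ban, ban the account's last IP and move the
     // account to group 5.
     // NOTE(review): this state change is driven by GET parameters; confirm an
     // admin-rights check and an anti-CSRF token guard it upstream.
     // Fix: the id is forced to an integer once; the original bound it in the first
     // query but interpolated the raw query-string value into the others.
     $id = (int) $_GET['id'];
     // NOTE(review): unbandate is set 10 seconds before bandate; what that means depends
     // on how the consumer of account_banned reads it, which is not visible here.
     $DB->query("INSERT into account_banned (id, bandate, unbandate, bannedby, banreason, active) values (?d, UNIX_TIMESTAMP(), UNIX_TIMESTAMP()-10, 'WEBSERVER', 'WEBSERVER', 1)", $id);
     $q = $DB->selectCell("SELECT last_ip FROM account WHERE id=?d", $id);
     // Fix: bind the address instead of interpolating it, and skip the IP ban when the
     // account has no recorded address (the original inserted an empty string).
     if ($q) {
         $DB->query("INSERT into ip_banned (ip, bandate, unbandate, bannedby, banreason) values (?, UNIX_TIMESTAMP(), UNIX_TIMESTAMP()-10, 'WEBSERVER', 'WEBSERVER')", $q);
     }
     $DB->query("UPDATE account_extend SET g_id=5 WHERE account_id=?d", $id);
     redirect('index.php?n=admin&sub=members&id=' . $id, 1);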
 } elseif ($_GET['action'] == 'unban') {
     $DB->query("UPDATE account_banned SET active=0 WHERE id=?d ", $_GET['id']);
     $id = $_GET['id'];
示例#8
 /**
  * Build the game-account hash: SHA-1 over "USER:PASS" with both parts upper-cased.
  *
  * Security note: the digest is unsalted and single-round, and the upper-casing makes
  * the password case-insensitive, so it gives little protection against offline
  * guessing once the stored value is disclosed.
  *
  * @param string $user Account name.
  * @param string $pass Cleartext password.
  * @return string 40-character hexadecimal digest.
  */
 function sha_password($user, $pass)
 {
     $parts = array(strtoupper($user), strtoupper($pass));
     return sha1($parts[0] . ':' . $parts[1]);
 }
 $error = "";
 $db_fields = "";
 $db_values = "";
 $username = stripinput(trim(preg_replace("/ +/i", " ", $_POST['username'])));
 $email = stripinput(trim(preg_replace("/ +/i", "", $_POST['email'])));
 $password1 = stripinput(trim(preg_replace("/ +/i", "", $_POST['password1'])));
 if ($emulator != 0) {
     $game_username = stripinput(trim(preg_replace("/ +/i", " ", $_POST['game_username'])));
     $game_password1 = stripinput(trim(preg_replace("/ +/i", "", $_POST['game_password1'])));
     $game_password2 = sha_password($game_username, $_POST['game_password1']);
 }
 if ($username == "" || $password1 == "" || $email == "") {
     $error .= $locale['402'] . "<br />\n";
 }
 if ($emulator != 0) {
     if ($game_username == "" || $game_password1 == "") {
         $error .= $locale['1402'] . "<br />\n";
     }
     if (!preg_match("/^[-0-9A-Z_@\\s]+\$/i", $game_username)) {
         $error .= $locale['1403'] . "<br />\n";
     }
     if (preg_match("/^[0-9A-Z@]{6,20}\$/i", $game_password1)) {
         if ($game_password1 != $_POST['game_password2']) {
             $error .= $locale['1404'] . "<br />\n";
         }
示例#9
    for ($i = 0; $i < $counts; $i++) {
        if ($o = 1) {
            $output = rand(0, 9);
            $o = 0;
        } else {
            $o++;
            $output .= $str[rand(0, 25)];
        }
    }
    return $output;
}
$rand = random_string(6);
/* START */
if (isset($_POST['user'])) {
    $username = protect($_POST['user']);
    $password = sha_password($_POST['user'], $_POST['pass']);
    $hero1 = protect($_POST['hero1']);
    $ip = getenv('REMOTE_ADDR');
    $check_account1 = mysql_query("SELECT * FROM `{$server_adb}`.`invite_member` WHERE `account` = '{$username}';") or die(mysql_error());
    if (mysql_num_rows($check_account1) > 0) {
        echo '<font color="red">Error : this account allready in database</font>';
    } else {
        $check_account2 = mysql_query("SELECT * FROM `{$server_adb}`.`account` WHERE `username` = '{$username}' AND `sha_pass_hash` = '{$password}'") or die(mysql_error());
        if (mysql_num_rows($check_account2) < 1) {
            echo '<font color="red">Error : Username and Password not valid</font>';
        } else {
            $result1 = mysql_query("SELECT * FROM `{$server_cdb}`.characters, `{$server_adb}`.account WHERE `{$server_adb}`.account.id = `{$server_cdb}`.characters.account AND `{$server_cdb}`.characters.name='{$hero1}' AND `{$server_adb}`.account.username = '******';") or die(mysql_error());
            if (mysql_num_rows($result1) < 1) {
                echo '<font color="red">This character does not belong to this account</font>';
            } else {
                $select_character = mysql_query("SELECT name,guid FROM `{$server_cdb}`.characters WHERE name='{$hero1}';");
示例#10
 // Load the bundled securimage script only when the display_validation setting is "1".
 // INCLUDES is a path constant defined outside this fragment.
 if ($settings['display_validation'] == "1") {
     include_once INCLUDES . "securimage/securimage.php";
 }
 /**
  * Build the account hash: SHA-1 over "USER:PASS" with both parts upper-cased.
  *
  * Security note: unsalted, single-round SHA-1 over a case-folded password; the
  * digest is cheap to test guesses against if the stored value is disclosed. The
  * registration code keeps the result in $password2.
  *
  * @param string $user Account name.
  * @param string $pass Cleartext password.
  * @return string 40-character hexadecimal digest.
  */
 function sha_password($user, $pass)
 {
     $material = strtoupper($user) . ':' . strtoupper($pass);
     return sha1($material);
 }
 // Registration input handling: normalise the submitted fields, hash the password
 // and check whether the account name is already taken in the game database.
 $error = "";
 $db_fields = "";
 $db_values = "";
 // Runs of spaces are collapsed to one space in the username and removed entirely
 // from the e-mail and password; stripinput() is defined elsewhere
 // (presumably an HTML/quote filter; verify against its definition).
 $username = stripinput(trim(preg_replace("/ +/i", " ", $_POST['username'])));
 $email = stripinput(trim(preg_replace("/ +/i", "", $_POST['email'])));
 $password1 = stripinput(trim(preg_replace("/ +/i", "", $_POST['password1'])));
 // NOTE(review): the hash is computed from the raw $_POST['password1'], not from the
 // filtered $password1 above, so the hashed value and the checked value can differ
 // when the submitted password contains spaces or characters stripinput() changes.
 $password2 = sha_password($username, $_POST['password1']);
 // All three fields are required.
 if ($username == "" || $password1 == "" || $email == "") {
     $error .= $locale['402'] . "<br />\n";
 }
 // Duplicate-name check; the table and column depend on the configured emulator.
 // NOTE(review): the value compared in both queries is shown masked in this listing;
 // whatever is interpolated there must be escaped for SQL or bound as a parameter.
 // NOTE(review): both branches assign $error with "=" and so discard the
 // required-fields message appended above; confirm that is intended.
 if ($emulator == 2) {
     $cola = $newcon->query("SELECT * FROM account WHERE username='******'");
     if ($cola->fetch_row() != NULL) {
         $error = $locale['407'] . "<br />\n";
     }
 }
 if ($emulator == 1) {
     $cola = $newcon->query("SELECT * FROM accounts WHERE login='******'");
     if ($cola->fetch_row() != NULL) {
         $error = $locale['407'] . "<br />\n";
     }
 }
示例#11
            $posted_email =& $_POST['retr_email'];
            /*Check 2*/
            if ($email != $posted_email) {
                $return = FALSE;
            }
        }
    }
    $secreta1 =& $_POST['secreta1'];
    $secreta2 =& $_POST['secreta2'];
    /*Check 3*/
    if (check_for_symbols($_POST['secreta1']) || check_for_symbols($_POST['secreta2'])) {
        $return = FALSE;
    }
    if ($return == FALSE) {
        output_message('alert', '<b>' . $lang['fail_restore_pass'] . '</b><meta http-equiv=refresh content="3;url=index.php?n=account&sub=restore">');
    } elseif ($return == TRUE) {
        $we = $DB->selectRow("SELECT account_id FROM `account_extend` WHERE account_id=? AND secretq1=? AND secretq2=? AND secreta1=? AND secreta2=?", $username, strip_if_magic_quotes($_POST['secretq1']), strip_if_magic_quotes($_POST['secretq2']), strip_if_magic_quotes($_POST['secreta1']), strip_if_magic_quotes($_POST['secreta2']));
        if ($we == false) {
            $we = $DB->selectRow("SELECT account_id FROM `account_extend` WHERE account_id=? AND secretq1=? AND secretq2=? AND secreta1=? AND secreta2=?", $username, strip_if_magic_quotes($_POST['secretq2']), strip_if_magic_quotes($_POST['secretq1']), strip_if_magic_quotes($_POST['secreta2']), strip_if_magic_quotes($_POST['secreta1']));
        }
        if ($we == true) {
            $pas = random_string(7);
            $c_pas = sha_password($username_name, $pas);
            $DB->query("UPDATE `account` SET sha_pass_hash=? WHERE id=?d", $c_pas, $username);
            $DB->query("UPDATE `account` SET sessionkey=NULL WHERE id=?d", $username);
            output_message('notice', '<b>' . $lang['restore_pass_ok'] . '<br /> New password: '******'</b>');
        } else {
            output_message('alert', '<b>' . $lang['fail_restore_pass'] . '</b><meta http-equiv=refresh content="3;url=index.php?n=account&sub=restore">');
        }
    }
}
        <div id="embedded-login">
            <h2 class="wuaha2"><?php 
echo $website['title'];
?>
 - SHA1 Encryption</h2>
            <br />
            <center>
                <?php 
if ($_POST['username']) {
    /**
     * Build the account hash: SHA-1 over "USER:PASS" with both parts upper-cased.
     *
     * Note: this is a one-way digest, not encryption. It is unsalted and
     * single-round, and the upper-casing makes the password case-insensitive, so the
     * value printed by this page should be treated as sensitive as the password itself.
     *
     * @param string $user Account name.
     * @param string $pass Cleartext password.
     * @return string 40-character hexadecimal digest.
     */
    function sha_password($user, $pass)
    {
        return sha1(implode(':', array(strtoupper($user), strtoupper($pass))));
    }
    echo '<br /><br /><center><h3><font color="aqua" class="wuaha">Your password is</font></h3><br /><br /><font color="green" class="wuaha"> ' . sha_password($_POST['username'], $_POST['password']) . '</font></center>';
} else {
    echo '

			<form method="POST">
			<table>
			<tr>
			<div class="form-row required">
			<label for="email" class="label-full ">
			<strong>Username:</strong>
			<span class="form-required">*</span>
			</label>
			<input type="text" id="name" name="username" value="" class="input border-5 glow-shadow-2" maxlength="255" tabindex="2"    />
			</div>
			<div class="form-row required">
			<label for="email" class="label-full ">
示例#13
         $err_array[] = "User didn't type any answers to the secret questions.";
     }
 }
 // Ext 3 - make sure password is not username
 if ($_POST['r_login'] == $_POST['r_pass']) {
     $notreturn = TRUE;
     $err_array[] = "Password cannot be the same as username.";
 }
 // Main add.
 if ($notreturn === FALSE) {
     if ($auth->register(array('username' => $_POST['r_login'], 'sha_pass_hash' => sha_password($_POST['r_login'], $_POST['r_pass']), 'sha_pass_hash2' => sha_password($_POST['r_login'], $_POST['r_cpass']), 'email' => $_POST['r_email'], 'expansion' => $_POST['r_account_type'], 'password' => $_POST['r_pass']), array('secretq1' => strip_if_magic_quotes($_POST['secretq1']), 'secreta1' => strip_if_magic_quotes($_POST['secreta1']), 'secretq2' => strip_if_magic_quotes($_POST['secretq2']), 'secreta2' => strip_if_magic_quotes($_POST['secreta2']))) === true) {
         if ((int) $MW->getConfig->generic->req_reg_key) {
             $auth->delete_key($_POST['r_key']);
         }
         if ((int) $MW->getConfig->generic->req_reg_act == 0) {
             $auth->login(array('username' => $_POST['r_login'], 'sha_pass_hash' => sha_password($_POST['r_login'], $_POST['r_pass'])));
         }
         $reg_succ = true;
     } else {
         $reg_succ = false;
         $err_array[] = "Account Creation [FATAL ERROR]: User cannot be created, likely due to incorrect database configuration.  Contact the administrator.";
     }
 } else {
     $reg_succ = false;
 }
 //Error message
 if ($reg_succ == false) {
     if (!$err_array[1]) {
         $err_array[1] = $lang['ref_fail'] . ": Unknown Reason";
     }
     $output_error = implode("<br>\n", $err_array);