forked from root/threadr.lostcave.ddnss.de
implemented password verification
parent
aa39e653d0
commit
ab3691ade6
|
@ -5,12 +5,21 @@ $password = $_POST['password'];
|
|||
|
||||
|
||||
$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
|
||||
$statement = $pdo->prepare('SELECT id, name, authentication_algorithm, authentication_string FROM users WHERE name = :username;');
|
||||
$statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;');
|
||||
$result = $statement->execute(array('username' => $username));
|
||||
if ($result) {
|
||||
//existing user name
|
||||
print_r($statement->fetch());
|
||||
$dbentry = $statement->fetch();
|
||||
//chechk for correct password
|
||||
if ($dbentry['authentication_string'] == hash($dbentry['authentication_algorithm'], $password . $dbentry['authentication_salt'])) {
|
||||
//password correct
|
||||
echo 1;
|
||||
} else {
|
||||
//password inorrect
|
||||
echo 0;
|
||||
}
|
||||
} else {
|
||||
//wrong user name
|
||||
echo 0;
|
||||
}
|
||||
?>
|
||||
|
|
Loading…
Reference in New Issue