root
/
threadr.lostcave.ddnss.de
3
1
Fork 1
Code Issues 18 Pull Requests Projects Releases Wiki Activity

implemented password verification

master
BodgeMaster 2020-02-20 19:40:20 +01:00
parent aa39e653d0
commit ab3691ade6
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
threadr/login/redirect.php
View File

@ -5,12 +5,21 @@ $password = $_POST['password'];
$pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!'); $pdo = new PDO('mysql:host=localhost;dbname=web', 'webstuff', 'Schei// auf Pa$$w0rter!');
$statement = $pdo->prepare('SELECT id, name, authentication_algorithm, authentication_string FROM users WHERE name = :username;'); $statement = $pdo->prepare('SELECT id, authentication_algorithm, authentication_salt, authentication_string FROM users WHERE name = :username;');
$result = $statement->execute(array('username' => $username)); $result = $statement->execute(array('username' => $username));
if ($result) { if ($result) {
//existing user name //existing user name
print_r($statement->fetch()); $dbentry = $statement->fetch();
//chechk for correct password
if ($dbentry['authentication_string'] == hash($dbentry['authentication_algorithm'], $password . $dbentry['authentication_salt'])) {
//password correct
echo 1;
} else {
//password inorrect
echo 0;
}
} else { } else {
//wrong user name //wrong user name
echo 0;
} }
?> ?>