mysql - PHP login script using SHA256 -


i want make log in script website using special sha256 encryption , mysql database linking it. (and form ofcourse :p)

i use minecraft plugin "authme" registration. hashes password in sha256 , stores mysql database. code $sha$ce9b7692bd2b8f79$644c2a5710bb93f82471d08234435d7d02b1bbc09aff2cf23370f187aab37716 isn't same sha256 hashes made websites. 4aae7aba013ffed685a1354a0ebb576b8f1f58997b96cf3ef096282cfe737bff

the developers @ authme gave me "simple" code decrypt password, don't know how fit within script.

// @return true if password , nickname match  function check_password_db($nickname,$password) {   // here u have include db connection , select!   $a=mysql_query("select password authme username = '$nickname'");   if(mysql_num_rows($a) == 1 ) {     $password_info=mysql_fetch_array($a);     $sha_info = explode("$",$password_info[0]);   } else      return false;   if( $sha_info[1] === "sha" ) {     $salt = $sha_info[2];     $sha256_password = hash('sha256', $password);     $sha256_password .= $sha_info[2];;     if( strcasecmp(trim($sha_info[3]),hash('sha256', $sha256_password) ) == 0 )        return true;     else return false;   } }

so bottom line is: want know how make form logs user in website checking if entered right password looking @ data in mysql. if need more info reply , i'll give it. goal make login script works sessions.

the tables have id, am_ (username), password , ip.

can give me code that? (making form username , password, , whether valid or not)

sorry typo's, come netherlands..

well, understand: use library registration, , want make login form uses same authorization mechanism used registration.

in case posted code should used checking password yourself. pass user input , make sure select statement uses correct table , columns.

as why hashes differ, it's because user input isn't encrypted sha256(password) sha256(concat(sha256(password),salt)) concat string concatenation operation , salt additional input, in case equal part between $ characters (in example: ce9b7692bd2b8f79).

additionaly, cannot "decrypt" hashed data. can hash other data , compare both hashes check if same. if same, both inputs (probably) same. (the "probably" part because hashing functions surjections, not bijections.)


Comments

Post a Comment

Popular posts from this blog

ios - iPhone/iPad different view orientations in different views , and apple approval process -

i force app's home screen portrait , other views landscape. apple rejects app if this? if not , how force first screen launch in portrait mode? , force other screens launch in landscape. this not duplicate question search every possible answer in website. i force app's home screen portrait , other views landscape. apple rejects app if this? no apple not reject app this. have lot of apps doesn't support orientation. forcing on 1 screen won't cause app reject. if not , how force first screen launch in portrait mode? , force other screens launch in landscape. can on write : -(nsuinteger)supportedinterfaceorientations; function.
Read more

monitor web browser programmatically in Android? -

i've got tricky question here. need users make payment bank (namely barclaycard) in uk. so, have https url , add parameters (such amount pay, order reference, etc) url, start http connection intent.actionview, redirect user browser can enter credit card details on bank's webpage , make payment our account successfully. far ? the code use below (i changed values privacy reasons) problem is, need app when user has completed/failed/cancelled payment. barclaycardautomatically redirects particular url when payment has succeeded, 1 if failed. there no way of knowing when barclaycard payment has succeeded go android app somehow ? button cardbutton = (button) findviewbyid(r.id.card_button); cardbutton.setonclicklistener(new view.onclicklistener() { @override public void onclick(view arg0) { string prehashstring = new string(); string prohashstring = new string(); string shapassphrase = new string(); shapassphrase = "gsvth£h70zkh...
Read more

c# - Using multiple datasets in RDLC -

i working on rdlc reports, , reports work fine. got stuck when added 1 more dataset rdlc file. on adding dataset, added data source well. ran project, , report no more working giving error: a data source instance has not been supplied data source can 1 please guide me on steps take in order use multiple datasets. using visual studio 2012. multiple datasources added follows: reportviewer1.localreport.datasources.add(rds); reportviewer1.localreport.datasources.add(rds1); refer link: http://www.c-sharpcorner.com/uploadfile/robo60/standalonerdlcreports11142007183516pm/standalonerdlcreports.aspx all parts covered in this. also refer usefull discussion: http://forums.asp.net/t/1241964.aspx
Read more