
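/**
 * Build a random salt drawn from a fixed 70-character alphabet
 * (a-z, A-Z, 0-9 and the symbols !@#$%&*?).
 *
 * @param int $max Number of characters to generate; 0 or less yields ''.
 * @return string The generated salt, $max characters long.
 */
function generateSalt($max = 64) {
    // Single-quoted so that no '$' in the alphabet can ever be read as a variable.
    $characterList =
        'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%&*?';
    $lastIndex = strlen($characterList) - 1;

    // Prefer the CSPRNG-backed random_int() (PHP 7+). mt_rand() is a seeded,
    // predictable generator and is kept only as a fallback for runtimes that
    // do not provide random_int().
    $useCsprng = function_exists('random_int');

    $salt = '';
    for ($i = 0; $i < $max; $i++) {
        $index = $useCsprng ? random_int(0, $lastIndex) : mt_rand(0, $lastIndex);
        // Square-bracket offset: the $string{n} form is a parse error on PHP 8.
        $salt .= $characterList[$index];
    }

    return $salt;
}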

/*-------------------------------------------------------------
Form data
-------------------------------------------------------------*/
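// Reject missing or non-string fields before they reach the hash or the query
// (a field posted as username[]=x arrives as an array, not a string).
if (!isset($_POST['username'], $_POST['password'])
    || !is_string($_POST['username'])
    || !is_string($_POST['password'])) {
    http_response_code(400);
    die('Missing username or password');
}

// Raw values: the username is bound as a statement parameter below, so it is
// not escaped here (escaping it as well would store the escape characters).
$username = $_POST['username'];
$password = $_POST['password'];

/*-------------------------------------------------------------
Salting and Hashing
-------------------------------------------------------------*/

$user_salt = generateSalt(); // Generates a salt from the function above

$combo = $user_salt . $password; // Appending user password to the salt

// NOTE(review): a single SHA-512 pass is fast, so a leaked table can be
// brute-forced offline at high speed. password_hash()/password_verify() are the
// purpose-built replacement, but switching changes the stored format, so the
// login check (not shown on this page) and the salt column must change with it.
$hashed_pwd = hash('sha512', $combo); // Using SHA512 to hash the salt+password combo string

/*-------------------------------------------------------------
Database stuff starts from here,
MySQL server info is read from the $_SERVER variable
(assuming the path to the file containing the
DB credentials is configured in our .htaccess file)
-------------------------------------------------------------*/

$db_host = $_SERVER['DB_HOST'];
$db_user = $_SERVER['DB_LOGIN'];
$db_pass = $_SERVER['DB_PASSWD'];
$db_name = $_SERVER['DB_DB'];

/*-------------------------------------------------------------
Checks the connection to the DB has been made.
If successful selects the database to be used, else exits
-------------------------------------------------------------*/

// Return false on failure on every PHP version (PHP 8.1+ throws by default),
// so the explicit checks below behave the same everywhere.
mysqli_report(MYSQLI_REPORT_OFF);

$link = mysqli_connect($db_host, $db_user, $db_pass);
if (!$link) {
    // Driver error text goes to the server log, not to the client.
    error_log('Could Not Connect:' . mysqli_connect_error());
    http_response_code(500);
    die('Could Not Connect');
}
if (!mysqli_select_db($link, $db_name)) {
    error_log('Can\'t use db:' . mysqli_error($link));
    http_response_code(500);
    die('Can\'t use db');
}

/*-------------------------------------------------------------
Inserting Data
-------------------------------------------------------------*/
// Prepared statement: the values travel separately from the SQL text, so no
// posted value can change the shape of the query.
$stmt = mysqli_prepare(
    $link,
    'INSERT INTO login(username, salt, hashed_pwd) VALUES (?, ?, ?)'
);
$inserted = $stmt
    && mysqli_stmt_bind_param($stmt, 'sss', $username, $user_salt, $hashed_pwd)
    && mysqli_stmt_execute($stmt);
if (!$inserted) {
    error_log('Error while trying to insert data' . mysqli_error($link));
    http_response_code(500);
    die('Error while trying to insert data');
}
mysqli_stmt_close($stmt);
mysqli_close($link); // Closing the connection to the database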
