IsleHorse/HISP
1
0
Fork 0
mirror of https://github.com/islehorse/HISP.git synced 2025-04-12 07:59:48 +12:00
Code Issues Projects Releases Packages Wiki Activity Actions
HISP/WebInterface/master-site/common.php

75 lines
No EOL
2.3 KiB
PHP
Executable file
Raw Blame History

<?php
function hash_salt(string $input, string $salt)
{
$output = hash('sha512',$input,true);
$len=strlen(bin2hex($output))/2;
$xor_hash = "";
for($i = 0; $i < $len; $i++)
{
$xor_hash .= $output[$i] ^ $salt[$i];
}
return hash('sha512',$xor_hash,false);
}
function user_exists(string $username)
{
include('dbconfig.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE Username=?");
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
$count = intval($result->fetch_row()[0]);
return $count>0;
}
function get_userid(string $username)
{
include('dbconfig.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT Id FROM Users WHERE Username=?");
$stmt->bind_param("s", $username);
$stmt->execute();
$result = $stmt->get_result();
$id = intval($result->fetch_row()[0]);
return $id;
}
function check_password(int $userId, string $password)
{
include('dbconfig.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
$stmt = $connect->prepare("SELECT PassHash FROM Users WHERE Id=?");
$stmt->bind_param("i", $userId);
$stmt->execute();
$result = $stmt->get_result();
$passhash = $result->fetch_row()[0];
$stmt = $connect->prepare("SELECT Salt FROM Users WHERE Id=?");
$stmt->bind_param("i", $userId);
$stmt->execute();
$result = $stmt->get_result();
$passsalt = $result->fetch_row()[0];
$passsalt = hex2bin($passsalt);
$acturalhash = hash_salt($password, $passsalt);
if($acturalhash === $passhash)
return true;
else
return false;
}
function populate_db()
{
include('dbconfig.php');
$connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS Users(Id INT, Username TEXT(16),Email TEXT(128),Country TEXT(128),SecurityQuestion Text(128),SecurityAnswerHash TEXT(128),Age INT,PassHash TEXT(128), Salt TEXT(128),Gender TEXT(16), Admin TEXT(3), Moderator TEXT(3))");
mysqli_query($connect, "CREATE TABLE IF NOT EXISTS OnlineUsers(playerId INT, Admin TEXT(3), Moderator TEXT(3), Subscribed TEXT(3))");
}
?>
Reference in a new issue View git blame Copy permalink