references http://jonsuh.com/blog/securely-hash-passwords-with-php/
password_* methods are only available as of PHP 5.5, for older use this instead : http://github.com/ircmaxell/password_compat/blob/master/lib/password.php
PASSWORD_BCRYPT uses the CRYPT_BLOWFISH algorithm and will return a 60 character string. PASSWORD_DEFAULT uses the bcrypt algorithm. PHP documentation recommends that you set the column size to 255 in the event the algorithm changes over time.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
//one page login system
<?php if="" ($_server['request_method']="==" 'post')="" {="" $password_string="mysql_escape_string($_POST[" upassword"]);"="" include('config.php');="" my="" dbase="" obj="" require('password.php');="" $db="connect();" get="" the="" dbase="" password="" for="" this="" mail="" $password_hash="getScalar($db," select"="" user_password="" from="" users="" where="" user_mail="?" ,array($_post['umail']));"="" ^if="" record="" exists="" if="" ($password_hash){="" if="" (password_verify($password_string,="" $password_hash))="" {="" die("correct");="" }="" else="" {="" die("in-correct");="" }="" }="" else="" {="" user="" doesnt="" exist="" create="" new="" -="" tested&working="" $password_hash="password_hash($password_string," password_bcrypt);="" $sql="INSERT INTO users (user_mail, user_password, user_level) VALUES (:user_mail, :user_password, :user_level)" ;="" $stmt="$db-"?>prepare($sql);
$stmt->bindValue(':user_mail' , $_POST['umail']);
$stmt->bindValue(':user_password' , $password_hash);
$stmt->bindValue(':user_level' , 1);
$stmt->execute();
$res = $stmt->rowCount();
if($res == 1)
header("Location: http://google.com");
else
echo "error";
}
}
?>
<style>
body {
padding-top: 40px;
padding-bottom: 40px;
background-color: #eee;
}
.form-signin {
max-width: 330px;
padding: 15px;
margin: 0 auto;
}
.form-signin .form-signin-heading,
.form-signin .checkbox {
margin-bottom: 10px;
}
.form-signin .checkbox {
font-weight: normal;
}
.form-signin .form-control {
position: relative;
height: auto;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
padding: 10px;
font-size: 16px;
}
.form-signin .form-control:focus {
z-index: 2;
}
.form-signin input[type="email"] {
margin-bottom: -1px;
border-bottom-right-radius: 0;
border-bottom-left-radius: 0;
}
.form-signin input[type="password"] {
margin-bottom: 10px;
border-top-left-radius: 0;
border-top-right-radius: 0;
}
</style>
$(function() {
//pipiscrew
});
<div class="container">
<form class="form-signin" method="POST" action="">
## Please sign in
<label for="umail" class="sr-only">Email address</label>
<input type="email" name="umail" class="form-control" placeholder="Email address" required="" autofocus="">
<label for="upassword" class="sr-only">Password</label>
<input type="password" name="upassword" id="upassword" class="form-control" placeholder="Password" required="">
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
</form>
</div>
http://www.miraclesalad.com/webtools/md5.php http://stackoverflow.com/a/704543/1320686
and why do this^, better use the php md5/sha1 function, the result will be the same
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
//test_md5.php
<?php @session_start();="" if="" ($_server['request_method']="==" 'post')="" {="" $password_string="md5(mysql_escape_string($_POST[" upassword"]));"="" include('config.php');="" $db="connect();" get="" the="" dbase="" password="" for="" this="" mail="" $r="getRow($db," select"="" user_id,user_level="" from="" users="" where="" user_mail="?" and="" user_password="?" ,array($_post['umail'],"="" $password_string));="" ^if="" record="" exists="" if="" ($r){="" $_session['id']="$r[" user_id"];"="" $_session['level']="$r[" user_level"];"="" header("location:="" portal.php");="" }="" else="" {="" user="" doesnt="" exist="" create="" new="" -="" tested&working="" $sql="INSERT INTO users (user_mail, user_password, user_level) VALUES (:user_mail, :user_password, :user_level)" ;="" $stmt="$db-"?>prepare($sql);
$stmt->bindValue(':user_mail' , $_POST['umail']);
$stmt->bindValue(':user_password' , $password_string);
$stmt->bindValue(':user_level' , 1);
$stmt->execute();
$res = $stmt->rowCount();
if($res == 1)
header("Location: http://google.com");
else
echo "error";
}
}
?>
<style>
body {
padding-top: 40px;
padding-bottom: 40px;
background-color: #eee;
}
.form-signin {
max-width: 330px;
padding: 15px;
margin: 0 auto;
}
.form-signin .form-signin-heading,
.form-signin .checkbox {
margin-bottom: 10px;
}
.form-signin .checkbox {
font-weight: normal;
}
.form-signin .form-control {
position: relative;
height: auto;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
box-sizing: border-box;
padding: 10px;
font-size: 16px;
}
.form-signin .form-control:focus {
z-index: 2;
}
.form-signin input[type="email"] {
margin-bottom: -1px;
border-bottom-right-radius: 0;
border-bottom-left-radius: 0;
}
.form-signin input[type="password"] {
margin-bottom: 10px;
border-top-left-radius: 0;
border-top-right-radius: 0;
}
</style>
$(function() {
//pipiscrew
});
<div class="container">
<form class="form-signin" method="POST" action="">
## Please sign in
<label for="umail" class="sr-only">Email address</label>
<input type="email" name="umail" class="form-control" placeholder="Email address" required="" autofocus="">
<label for="upassword" class="sr-only">Password</label>
<input type="password" name="upassword" id="upassword" class="form-control" placeholder="Password" required="">
<button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
</form>
</div>
similar** - https://www.pipiscrew.com/2015/08/phpmysql-password-recovery-via-mail/
origin - http://www.pipiscrew.com/?p=3228 php-one-page-login-system