当前位置: 首页>>代码示例>>PHP>>正文


PHP PasswordHash::validate_password方法代码示例

本文整理汇总了PHP中PasswordHash::validate_password方法的典型用法代码示例。如果您正苦于以下问题:PHP PasswordHash::validate_password方法的具体用法?PHP PasswordHash::validate_password怎么用?PHP PasswordHash::validate_password使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在PasswordHash的用法示例。


在下文中一共展示了PasswordHash::validate_password方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: authenticate

 function authenticate()
 {
     if (isset($_POST['password']) && isset($_POST['email'])) {
         $hasher = new \PasswordHash();
         //TODO better manage external classes
         $sth = $this->stone->pdo->prepare("SELECT user_pbkdf2, user.user_id as user_id\n                     FROM user\n                     JOIN link_email2user \n                     ON link_email2user.user_id = user.user_id\n                     JOIN email \n                     ON link_email2user.email_id = email.email_id\n                     WHERE email_address = :email");
         $sth->execute(array(":email" => $_POST['email']));
         $loginData = $sth->fetch();
         $dbHash = $loginData['user_pbkdf2'];
         $user_id = $loginData['user_id'];
         //DEBUG
         //echo "<pre>" . var_export($loginData,true) . "</pre>";
         //DEBUG
         $validPassword = $hasher->validate_password($_POST['password'], $dbHash);
         if ($validPassword) {
             $this->stone->setUserID($user_id);
             $sth = $this->stone->pdo->prepare("SELECT capability_name \n                            FROM capability \n                              WHERE user_id = :user_id");
             $sth->execute(array(":user_id" => $user_id));
             $capabilities = array();
             while ($capability = $sth->fetchColumn()) {
                 $capabilities[] = $capability;
             }
             $this->stone->setUserCapabilities($capabilities);
             $data = array();
             //$data[":session_hash"]=sha1(mcrypt_create_iv(16), MCRYPT_DEV_URANDOM);
             // even with URANDOM, it hangs, production server appears to have little entropy // is this really the case???
             $data[":session_hash"] = sha1(rand());
             //TODO: something better as a session hash!
             if (strstr($_SERVER['REMOTE_ADDR'], ":")) {
                 // Remote address is IPv6 or IPv4 in IPv6 notation
                 $data[":session_ip_start"] = inet_pton($_SERVER['REMOTE_ADDR']);
             } else {
                 // Remote address is IPv4 in IPv4 notation
                 // Convert to IPv6 notation
                 $data[":session_ip_start"] = inet_pton("::ffff:" . $_SERVER['REMOTE_ADDR']);
             }
             $data[":session_useragent"] = $_SERVER['HTTP_USER_AGENT'];
             $sth = $this->stone->pdo->prepare("INSERT INTO session (session_hash,session_ip_start,session_useragent) values (:session_hash,:session_ip_start,:session_useragent)");
             //$sth->execute($data);
             if (!$sth->execute($data)) {
                 //todo: error handling
             }
             setcookie("ItPhilManagerSession", $data[":session_hash"], 4294967295.0);
             //PHP_INT_MAX);
             // PHP_MAX_INT causes problem on production server:
             // PHP Warning:  Expiry date cannot have a year greater than 9999
             // and does not set cookie. I suppose using the max 32 bit value solves the problem.... until 2038
             // (This problem occurs on 64 bit PHP installations)
             $data = array();
             $data[':session_id'] = $this->stone->pdo->lastInsertId();
             $data[':user_id'] = $user_id;
             $sth = $this->stone->pdo->prepare("INSERT INTO link_session2user (session_id,user_id) Values (:session_id,:user_id)");
             if (!$sth->execute($data)) {
                 //todo: error handling
             }
         }
     }
 }
开发者ID:The-IT-Philosopher,项目名称:manager,代码行数:58,代码来源:AuthLocal.class.php

示例2: session_start

<?php

session_start();
require_once "../../PasswordHashClass.php";
$DB = new DB('sqlite::memory:');
// Replace with your own
if (isset($_POST['username']) && isset($_POST['password'])) {
    $result = $DB->pQuery("SELECT * FROM user_accounts WHERE username = ?", $_POST['username']);
    if (!empty($result)) {
        $user =& $result[0];
        if (PasswordHash::validate_password($_POST['password'], $user['password'])) {
            // Replace with your application logic
            die("LOGIN SUCCESS");
        }
    }
    // Replace with your application logic
    die("LOGIN FAILURE");
}
?>
<!DOCTYPE html>
<html>
	<head>
		<title>DEMO</title>
	</head>
	<body>
		<h1>Login</h1>
		<?php 
if (isset($_SESSION['msg'])) {
    echo "<p>" . htmlentities($_SESSION['msg'], ENT_QUOTES, 'UTF-8') . "</p>\n";
    unset($_SESSION['msg']);
}
开发者ID:abetam,项目名称:password-hashing,代码行数:31,代码来源:login.php

示例3: ProcessLogin

 function ProcessLogin()
 {
     global $pdo;
     if (isset($_COOKIE['ItPhilManagerSession'])) {
         $sth = $pdo->prepare("SELECT user.user_id as user_id from user\n                            JOIN link_session2user\n                            ON link_session2user.user_id = user.user_id\n                            JOIN session\n                            ON link_session2user.session_id = session.session_id\n                            WHERE session_hash = :session_hash");
         $sth->execute(array(":session_hash" => $_COOKIE['ItPhilManagerSession']));
         $user_id = $sth->fetchColumn();
         if ($user_id) {
             $_SESSION['user'] = array();
             $_SESSION['user']['id'] = $user_id;
             $sth = $pdo->prepare("SELECT capability_name FROM capability WHERE user_id = :user_id");
             $sth->execute(array(":user_id" => $user_id));
             //echo "ERRIR (udi $user_id <pre>" . var_export( $sth->errorInfo() , true ) . "</pre>";
             //$capabilities = $sth->fetchAll(PDO::FETCH_ASSOC|PDO::FETCH_GROUP); //not quite the desired result
             $capabilities = array();
             while ($capability = $sth->fetchColumn()) {
                 $capabilities[] = $capability;
             }
             $_SESSION['user']['capabilities'] = $capabilities;
             return;
         } else {
             setcookie(ItPhilManagerSession, "", 1);
             //unsetting cookie
         }
     }
     $hasher = new PasswordHash();
     $sth = $pdo->prepare("SELECT user_pbkdf2, user.user_id as user_id\n                   FROM user\n                   JOIN link_email2user \n                   ON link_email2user.user_id = user.user_id\n                   JOIN email \n                   ON link_email2user.email_id = email.email_id\n                   WHERE email_address = :email");
     $sth->execute(array(":email" => $_POST['email']));
     $loginData = $sth->fetch();
     $dbHash = $loginData['user_pbkdf2'];
     $user_id = $loginData['user_id'];
     //DEBUG
     //echo "<pre>" . var_export($loginData,true) . "</pre>";
     //DEBUG
     $validPassword = $hasher->validate_password($_POST['password'], $dbHash);
     if ($validPassword) {
         $_SESSION['user'] = array();
         $_SESSION['user']['id'] = $user_id;
         //echo "password valid, creating session";
         $data = array();
         //$data[":session_hash"]=sha1(mcrypt_create_iv(16), MCRYPT_DEV_URANDOM);
         // even with URANDOM, it hangs, production server appears to have little entropy // is this really the case???
         $data[":session_hash"] = sha1(rand());
         //TODO: something better as a session hash!
         if (strstr($_SERVER['REMOTE_ADDR'], ":")) {
             // Remote address is IPv6 or IPv4 in IPv6 notation
             $data[":session_ip_start"] = inet_pton($_SERVER['REMOTE_ADDR']);
         } else {
             // Remote address is IPv4 in IPv4 notation
             // Convert to IPv6 notation
             $data[":session_ip_start"] = inet_pton("::ffff:" . $_SERVER['REMOTE_ADDR']);
         }
         $data[":session_useragent"] = $_SERVER['HTTP_USER_AGENT'];
         $sth = $pdo->prepare("INSERT INTO session (session_hash,session_ip_start,session_useragent) values (:session_hash,:session_ip_start,:session_useragent)");
         //$sth->execute($data);
         if (!$sth->execute($data)) {
             //todo: error handling
         }
         setcookie("ItPhilManagerSession", $data[":session_hash"], 2147483647);
         //PHP_INT_MAX);
         // PHP_MAX_INT causes problem on production server:
         // PHP Warning:  Expiry date cannot have a year greater than 9999
         // and does not set cookie. I suppose using the max 32 bit value solves the problem.... until 2038
         // (This problem occurs on 64 bit PHP installations)
         $data = array();
         $data[':session_id'] = $pdo->lastInsertId();
         $data[':user_id'] = $user_id;
         $sth = $pdo->prepare("INSERT INTO link_session2user (session_id,user_id) Values (:session_id,:user_id)");
         if (!$sth->execute($data)) {
             //todo: error handling
         }
     } else {
         $data['content_raw'] .= "Invalid Password";
     }
 }
开发者ID:The-IT-Philosopher,项目名称:manager,代码行数:75,代码来源:User.php

示例4:

if ($a === $b) {
    echo "pass\n";
} else {
    echo "FAIL\n";
}
// Test vector hex output.
$a = $MyHash->pbkdf2("sha1", "password", "salt", 2, 20, false);
$b = "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957";
if ($a === $b) {
    echo "pass\n";
} else {
    echo "FAIL\n";
}
$hash_of_password = $MyHash->create_hash("password");
// Test correct password.
if ($MyHash->validate_password("password", $hash_of_password)) {
    echo "pass\n";
} else {
    echo "FAIL\n";
}
// Test wrong password.
if ($MyHash->validate_password("wrong_password", $hash_of_password) === FALSE) {
    echo "pass\n";
} else {
    echo "FAIL\n";
}
// Test bad hash.
if ($MyHash->validate_password("password", "") === FALSE) {
    echo "pass\n";
} else {
    echo "FAIL\n";
开发者ID:shwetazutshi,项目名称:Msu2u-Api,代码行数:31,代码来源:hash_test.php


注:本文中的PasswordHash::validate_password方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。