Hallo liebe VB-Programmer ich sitze vor ein problem ich habe hier ein php login und wolte nun mit VB ein mysql login machen.
Nur hat mein forum ein md5 salt kann mir jemand helfen ?
Ich habe mal ein login php rausgenommen .
Spoiler anzeigen
Kann mir jemand helfen dabei so ein login zu erstellen ?
Mfg
Nur hat mein forum ein md5 salt kann mir jemand helfen ?
Ich habe mal ein login php rausgenommen .
PHP-Quellcode
- <?PHP
- require("connect.php");
- //Get username information
- $username=$_POST['username'];
- $password=$_POST['password'];
- $username=mysql_real_escape_string($username);
- $password=mysql_real_escape_string($password);
- //check that user is not banned
- $banned=mysql_query("SELECT * FROM GUIDTech WHERE user='" .$username. "'");
- while($rows=mysql_fetch_array($banned)){
- $banned1=$rows['BANNED'];
- }
- //Get id from username for retrieval of the password hash and salt
- $result=mysql_query("SELECT * FROM ".$pf."members WHERE name='" . $username. "'")or die('fout'. mysql_error());
- while($rows=mysql_fetch_array($result)){
- $id=$rows['id'];
- //We need this information to make sure the user is allowed to access this system
- $group=$rows['mgroup'];
- $user2 = $rows['name'];
- }
- //*********************************************************************
- //Modify this table to use your usergroup names
- $allowedgroups = array (
- "Root Admin",
- "Global Moderator",
- "Administrators",
- "Head Moderator",
- "Special Member",
- "Support",
- );
- //**********************************************************************
- //Get password hash and salt using email
- $nick=mysql_query("SELECT * FROM ".$pf."members WHERE name='".$username."'");
- while($rows=mysql_fetch_array($nick)){
- $nickname=$rows['members_display_name'];
- $m_login_key = $rows['member_login_key'];
- }
- //Get use the group ID to get the group title text
- $verify=mysql_query("SELECT * FROM ".$pf."groups");
- while($rows=mysql_fetch_array($verify)){
- $result=mysql_query("SELECT * FROM ".$pf."groups WHERE g_id='".$group."'");
- while($rows2=mysql_fetch_array($result)){
- $group=$rows2['g_title'];
- }
- }
- $usergroup = false;
- if(in_array($group, $allowedgroups)) {
- $usergroup = true;
- }
- //Get password hash and salt using email
- $result=mysql_query("SELECT * FROM ".$pf."members_converge WHERE converge_id='" . $id . "'");
- while($rows=mysql_fetch_array($result)){
- $checkpass=$rows['converge_pass_hash'];
- $salt=$rows['converge_pass_salt'];
- }
- //echo $checkpass . "<br />" . md5($_POST['pass']);
- //$ip = explode('.', $_SERVER['REMOTE_ADDR']);
- //$salt2 = md5($DBpassword . $DBusername);
- //$pass2 = md5( md5( $id . "-" . $ip[0] . '-' . $ip[1] . '-' . $m_login_key) . $salt2);
- $password = md5( md5( $salt ) . md5( $password ) );
- if($password != $checkpass/*$_COOKIE['ipb_stronghold']*/){
- echo "Wrong password" ; //Error
- exit;
- }
- if(!$usergroup){
- echo "You do not have the permission required to access this area. " . $group;
- echo "<br><a href='index.php'>Go Back</a>";
- exit;
- }
- session_start();
- $_SESSION['code'] = md5(rand(1,1000));
- $_SESSION['user'] = $user2;
- $_SESSION['nickname'] = $nickname;
- $res = mysql_query("SELECT * FROM GUIDTech WHERE user='". $_SESSION['user'] ."'")or die(mysql_error());
- //$data = mysql_fetch_assoc($res);
- if(mysql_num_rows($res) >= 1) {
- mysql_query("UPDATE GUIDTech SET code='" . $_SESSION['code'] ."', user='". $_SESSION['user'] . "', nickname='". $_SESSION['nickname']."' WHERE user='" . $_SESSION['user'] ."'")or die(mysql_error());
- }
- else {
- mysql_query("INSERT INTO GUIDTech (user, nickname, code) VALUES ('". $_SESSION['user'] ."', '". $_SESSION['nickname']."', '" .$_SESSION['code'] ."')")or die(mysql_error());
- }
- header("Location: loginok.php");
- ob_end_flush();
- ?>
Kann mir jemand helfen dabei so ein login zu erstellen ?
Mfg