5 lines
9.4 KiB
HTML
5 lines
9.4 KiB
HTML
|
<html><head>
|
||
|
<meta http-equiv="content-type" content="text/html; charset=UTF-8"></head><body><code><span style="color: #000000">
|
||
|
<span style="color: #0000BB"><?php<br><br></span><span style="color: #007700">if (isset(</span><span style="color: #0000BB">$_GET</span><span style="color: #007700">[</span><span style="color: #DD0000">'show'</span><span style="color: #007700">])) </span><span style="color: #0000BB">highlight_file</span><span style="color: #007700">(</span><span style="color: #0000BB">__FILE__</span><span style="color: #007700">);<br><br></span><span style="color: #FF8000">/**<br> * Verifies user credentials.<br> */<br></span><span style="color: #007700">function </span><span style="color: #0000BB">verifyCreds</span><span style="color: #007700">(</span><span style="color: #0000BB">$conn</span><span style="color: #007700">, </span><span style="color: #0000BB">$username</span><span style="color: #007700">, </span><span style="color: #0000BB">$password</span><span style="color: #007700">) {<br> </span><span style="color: #0000BB">$usr </span><span style="color: #007700">= </span><span style="color: #0000BB">$conn</span><span style="color: #007700">-></span><span style="color: #0000BB">real_escape_string</span><span style="color: #007700">(</span><span style="color: #0000BB">$username</span><span style="color: #007700">);<br> </span><span style="color: #0000BB">$res </span><span style="color: #007700">= </span><span style="color: #0000BB">$conn</span><span style="color: #007700">-></span><span style="color: #0000BB">query</span><span style="color: #007700">(</span><span style="color: #DD0000">"SELECT password FROM users WHERE username='"</span><span style="color: #007700">.</span><span style="color: #0000BB">$usr</span><span style="color: #007700">.</span><span style="color: #DD0000">"'"</span><span style="color: #007700">);<br> </span><span style="color: #0000BB">$row </span><span style="color: #007700">= </span><span style="color: #0000BB">$res</span><span style="color: #007700">-></span><span style="color: #0000BB">fetch_assoc</span><span style="color: #007700">();<br> if (</span><span style="color: #0000BB">$row</span><span style="color: #007700">) {<br> if (</span><span style="color: #0000BB">password_verify</span><span style="color: #007700">(</span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$row</span><span style="color: #007700">[</span><span style="color: #DD0000">'password'</span><span style="color: #007700">])) return </span><span style="color: #0000BB">true</span><span style="color: #007700">;<br> else </span><span style="color: #0000BB">addFailedLoginAttempt</span><span style="color: #007700">(</span><span style="color: #0000BB">$conn</span><span style="color: #007700">, </span><span style="color: #0000BB">$_SERVER</span><span style="color: #007700">[</span><span style="color: #DD0000">'REMOTE_ADDR'</span><span style="color: #007700">]);<br> }<br> return </span><span style="color: #0000BB">false</span><span style="color: #007700">;<br>}<br><br></span><span style="color: #FF8000">/**<br> * Determines if the given user is admin.<br> */<br></span><span style="color: #007700">function </span><span style="color: #0000BB">isAdmin</span><span style="color: #007700">(</span><span style="color: #0000BB">$username</span><span style="color: #007700">) {<br> return (</span><span style="color: #0000BB">$username </span><span style="color: #007700">=== </span><span style="color: #DD0000">'santa'</span><span style="color: #007700">);<br>}<br><br></span><span style="color: #FF8000">/**<br> * Determines if the given username is already taken.<br> */<br></span><span style="color: #007700">function </span><span style="color: #0000BB">isUsernameAvailable</span><span style=
|
||
|
</span>
|
||
|
</code></body></html>
|