<?php
/**
* Random Password Generator
* @public
* @param int $length Length of password to generate
* @return string Returns randomised password
*/
function randomPword($length)
{
$seed = 'ABC123DEF456GHI789JKL0MNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
$seedLength = strlen($seed);
$random = '';
for ($i=1; $i <= $length; $i++)
{
$charPos = mt_rand(0, ($seedLength - 1));
$singleChar = substr($seed, $charPos, 1);
$random .= $singleChar;
}
return $random;
}
?>
Tag Archive for password
Random password
Password encryption
function encryptpass($password) {
if(!empty($password)) {
$key = 'oYenhuobE577FzAixKPe9qQkptHbFx'.
'uoC0PcdPfNuQGnELzvI3FGVWl27k3v'.
'mqoymbRV09QWwdmq6c7AWysFP43LtM'.
'x8MDriq73T2PVJBGiyxQUxe4viLiHQ'.
'In4buglQcq3024DCw9sVFO0mFVe6Jq'.
'cPUuCjzYWyfgaSe97H6DBLIvAY9qbN'.
'xozZtZ0Id9Coy7daJDfx4w8BsyfFNr';
$hash1 = sha1(md5($key));
$hash2 = sha1(md5($password));
$password = md5(sha1($hash1 . $hash2));
return $password;
}
}
Generate password
function generatePassword ($length = 16)
{
// start with a blank password
$password = "";
// define possible characters
$possible = "0123456789bcdfghjkmnpqrstvwxyz";
// set up a counter
$i = 0;
// add random characters to $password until $length is reached
while ($i < $length) {
// pick a random character from the possible ones
$char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
// we don't want this character if it's already in the password
if (!strstr($password, $char)) {
$password .= $char;
$i++;
}
}
// done!
return $password;
}
MySQL random password string
SELECT CONV(FLOOR(RAND() * 99999999999999), 10, 36);
Random password string
echo base_convert(rand(0, PHP_INT_MAX) . rand(0, PHP_INT_MAX), 10, 36);
Set MySQL root password
SET PASSWORD FOR root@localhost=PASSWORD('RootPasswordHere');
FLUSH PRIVILEGES;
Login & Start Session
<?php
// start session
session_start();
if (array_key_exists('username', $_SESSION)) {
// user already authenticated
header('location: index.php');
}
if ($_POST) {
if (array_key_exists('username', $_POST)) {
require_once('codes/dal.php');
$dal = new DataAccessLayer();
$user = trim($_POST['username']);
$pass = trim($_POST['password']);
$pass = bin2hex(md5($pass, TRUE ));
// join the 'users' and 'roles' tables
$sql = 'select '
. 'u.id '
. ',u.username '
. ',u.password '
. ',u.role_id '
. ',r.name '
. ',u.full_name '
. ',u.email '
. ',u.description '
. 'from users as u '
. 'join roles as r on u.role_id = r.id '
. 'where u.username = '' . $user . ''';
$result = $dal->query($sql);
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
if ($pass == $row['password']) {
// create session variables
$_SESSION['user_id'] = $row['id'];
$_SESSION['username'] = $row['username'];
$_SESSION['full_name'] = $row['full_name'];
$_SESSION['role_id'] = $row['role_id'];
$_SESSION['role_name'] = $row['name'];
$_SESSION['email'] = $row['email'];
$_SESSION['password'] = $row['password'];
// check if password is default
if($pass == bin2hex(md5('pass', TRUE ))) {
$_SESSION['default'] = true;
// login successful - but password needs to be changed
header('location: users/change_password.php');
} else {
// login successful - redirect to home page
header('location: index.php');
}
} else {
$err = '<tr><td colspan="2">'
. '<div class="error-message">The username and/or password you entered is invalid.</div>'
. '</td></tr>';
}
} else {
$err = '<tr><td colspan="2">'
. '<div class="error-message">The username and/or password you entered is invalid.</div>'
. '</td></tr>';
}
}
}
?>
password protect
<?php
##################################################################
# SETTINGS START
##################################################################
// Add login/password pairs below, like described above
// NOTE: all rows except last must have comma "," at the end of line
$LOGIN_INFORMATION = array(
'admin' => 'admin'
);
// request login? true - show login and password boxes, false - password box only
define('USE_USERNAME', true);
// User will be redirected to this page after logout
define('LOGOUT_URL', 'http://www.example.com/');
// time out after NN minutes of inactivity. Set to 0 to not timeout
define('TIMEOUT_MINUTES', 0);
// This parameter is only useful when TIMEOUT_MINUTES is not zero
// true - timeout time from last activity, false - timeout time from login
define('TIMEOUT_CHECK_ACTIVITY', true);
##################################################################
# SETTINGS END
##################################################################
///////////////////////////////////////////////////////
// do not change code below
///////////////////////////////////////////////////////
// timeout in seconds
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);
// logout?
if(isset($_GET['logout'])) {
setcookie("verify", '', $timeout, '/'); // clear password;
header('Location: ' . LOGOUT_URL);
exit();
}
if(!function_exists('showLoginPasswordProtect')) {
// show login form
function showLoginPasswordProtect($error_msg) {
?>
<html>
<head>
<title>Admin Control Panel</title>
<META HTTP-EQUIV="CACHE-CONTROL" CONTENT="NO-CACHE">
<META HTTP-EQUIV="PRAGMA" CONTENT="NO-CACHE">
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
</head>
<body style="text-align:center">
<style>
input { border: 1px solid black; }
</style>
<form method="post">
<h1>Please enter password to access this page</h1>
<font color="red"><?php echo $error_msg; ?></font><br />
<?php if (USE_USERNAME) echo 'Login:<br /><input type="input" name="access_login" /><br />Password:<br />'; ?>
<input type="password" name="access_password" /><p></p><input type="submit" name="Submit" value="Submit" />
</form>
</body>
</html>
<?php
// stop at this point
die();
}
}
// user provided password
if (isset($_POST['access_password'])) {
$login = isset($_POST['access_login']) ? $_POST['access_login'] : '';
$pass = $_POST['access_password'];
if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
|| (USE_USERNAME && ( !array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass ) )
) {
showLoginPasswordProtect("Incorrect password.");
}
else {
// set cookie if password was validated
setcookie("verify", md5($login.'%'.$pass), $timeout, '/');
// Some programs (like Form1 Bilder) check $_POST array to see if parameters passed
// So need to clear password protector variables
unset($_POST['access_login']);
unset($_POST['access_password']);
unset($_POST['Submit']);
}
}
else {
// check if password cookie is set
if (!isset($_COOKIE['verify'])) {
showLoginPasswordProtect("");
}
// check if cookie is good
$found = false;
foreach($LOGIN_INFORMATION as $key=>$val) {
$lp = (USE_USERNAME ? $key : '') .'%'.$val;
if ($_COOKIE['verify'] == md5($lp)) {
$found = true;
// prolong timeout
if (TIMEOUT_CHECK_ACTIVITY) {
setcookie("verify", md5($lp), $timeout, '/');
}
break;
}
}
if (!$found) {
showLoginPasswordProtect("");
}
}
?>
Category: Uncategorized |
Tags: password
Single-Page Password Protection
<html>
<head>
<title>Private Page</title>
</head>
<body>
<?php
$password = "phpmac";
if (!isset($_POST['submit'])) {
?>
<form action="" method="POST">
Enter the Password: <input type="password" name="password"><br>
<input type="submit" name="submit">
</form>
<?php
} else {
if ($_POST['password'] == $password) {
?>
Secret content!
<?php
} else {
?>
<form action="" method="POST">
Enter the Password: <input type="password" name="password"><br>
<input type="submit" name="submit">
</form>
<?php
}
}
?>
</body>
</html>
Password Protect Folder / Directory with htaccess and htpasswd on Apache and Linux / Unix
Step 1 - Create .htaccess file in folder you want to protect, copy the code and paste the code below, and then set server path to the file AuthUserFile /path/to/.htpasswd AuthName "Restricted Area" AuthType Basic Require valid-user Step 2 - Open Terminal, go to the directory you want to protect, and enter the following (changing the username to whatever you want). Enter the password upon prompting. htpasswd -c .htpasswd username