Added salting and no similar username

2017-01-18 14:46:32 +01:00
parent afcd048260
commit 0808d46d9e
4 changed files with 22 additions and 14 deletions
--- a/website/public/login.php
+++ b/website/public/login.php
@@ -21,14 +21,16 @@

        }
        else {
-            $uname=$_POST["uname"];
+            $uname=strtolower($_POST["uname"]);
            $psw=$_POST["psw"];
            $hash=hashPassword()["password"];
-
+            $userid=hashPassword()["userID"];
+            
            // If there's an account, go to the profile page
-            if(password_verify($psw, $hash)) {
+            if(password_verify($psw.$uname, $hash)) {
+               $_SESSION["userID"] = $userid;
+               header("location: /profile.php");

-               header("location: myhyvesbookplus.nl/profile.php");
            } else {
               $loginErr = "Inloggegevens zijn niet correct";
            }
--- a/website/public/register.php
+++ b/website/public/register.php
@@ -88,9 +88,9 @@
                $usernameErr = "Gebruikersnaam moet minstens 6 karakters bevatten";
                $correct = false;

-            } else if (getExistingUser() == 1 ){
+            } else if (getExistingUsername() == 1){
                $usernameErr = "Gebruikersnaam bestaat al";
-                $correct = false;
+                $correct = false; 

            }
        }
@@ -153,7 +153,7 @@

        } else {
            registerAccount();
-            // header("location: login.php");
+            header("location: login.php");

        }
    }