Social.Tune/Generation_01/login.php

<?php
	error_reporting(E_ALL);
	ini_set('display_errors', '1');
	require_once($_SERVER['DOCUMENT_ROOT'] . '/socialtune/includes/session.php'); 
	require_once($_SERVER['DOCUMENT_ROOT'] . '/socialtune/includes/config.php'); 
	$email = (!empty($_POST['email'])) ? $_POST['email'] : false;
	$password = (!empty($_POST['password'])) ? $_POST['password'] : false;
	if($email && $password){
		$connection = mysqli_connect($dbHost, $dbUser, $dbPass, $dbName);
		$email = mysqli_real_escape_string($connection, $email);
		$password = mysqli_real_escape_string($connection, $password);
		$query = "SELECT * FROM users WHERE email='$email'";
		$result = mysqli_query($connection, $query);
		if($result){
			$row = mysqli_fetch_array($result);
			$storedHash = $row[2];
		}
		$validateHash = $salt . $storedHash;
		for($i = 0; $i < 1; $i++){ $validateHash = hash('sha256', $validateHash);}
		$validateHash = $salt. $validateHash;
		$validateHash = substr($storedHash,0,64);
		$enteredHash = $salt . $password;
		for($i = 0; $i < 1; $i++){	$enteredHash = hash('sha256', $enteredHash);} // Look. Tiny code. I hope it's not too hard to understand. :|
		$userEnteredHash = substr($enteredHash,0,64);
		if($enteredHash == $validateHash){
			$_SESSION['username'] = $email;
			$_SESSION['password'] = $password;
			$_SESSION['Authenticated'] = true;
			$_SESSION['Expires'] = time() + 86400; // 24 hours.
			$_SESSION['isOnline'] = True; // omfg.

			$numberOne = 1;
			$isOnline = "UPDATE users SET isOnline='$numberOne' WHERE email='$email'";
				// Make online = True
			if(mysqli_query($connection, $isOnline)){
				echo 'User is online.';
			}else{
				echo 'Something went wrong...';
			}


			echo "Log in succesful.<br>Loading dashboard.";
			header("Location: dashboard.php");
		}else{header("Location: index.php?q=3");} // validated incorrectly.
	mysqli_close($connection);
	}else{ header("Location: index.php?q=2");} // Forgot to pass either: email || pass
?>
Pushed to github 2018-11-07 18:29:45 -05:00			`<?php`
			`error_reporting(E_ALL);`
			`ini_set('display_errors', '1');`
			`require_once($_SERVER['DOCUMENT_ROOT'] . '/socialtune/includes/session.php');`
			`require_once($_SERVER['DOCUMENT_ROOT'] . '/socialtune/includes/config.php');`
			`$email = (!empty($_POST['email'])) ? $_POST['email'] : false;`
			`$password = (!empty($_POST['password'])) ? $_POST['password'] : false;`
			`if($email && $password){`
			`$connection = mysqli_connect($dbHost, $dbUser, $dbPass, $dbName);`
			`$email = mysqli_real_escape_string($connection, $email);`
			`$password = mysqli_real_escape_string($connection, $password);`
			`$query = "SELECT * FROM users WHERE email='$email'";`
			`$result = mysqli_query($connection, $query);`
			`if($result){`
			`$row = mysqli_fetch_array($result);`
			`$storedHash = $row[2];`
			`}`
			`$validateHash = $salt . $storedHash;`
			`for($i = 0; $i < 1; $i++){ $validateHash = hash('sha256', $validateHash);}`
			`$validateHash = $salt. $validateHash;`
			`$validateHash = substr($storedHash,0,64);`
			`$enteredHash = $salt . $password;`
			`for($i = 0; $i < 1; $i++){ $enteredHash = hash('sha256', $enteredHash);} // Look. Tiny code. I hope it's not too hard to understand. :\|`
			`$userEnteredHash = substr($enteredHash,0,64);`
			`if($enteredHash == $validateHash){`
			`$_SESSION['username'] = $email;`
			`$_SESSION['password'] = $password;`
			`$_SESSION['Authenticated'] = true;`
			`$_SESSION['Expires'] = time() + 86400; // 24 hours.`
			`$_SESSION['isOnline'] = True; // omfg.`

			`$numberOne = 1;`
			`$isOnline = "UPDATE users SET isOnline='$numberOne' WHERE email='$email'";`
			`// Make online = True`
			`if(mysqli_query($connection, $isOnline)){`
			`echo 'User is online.';`
			`}else{`
			`echo 'Something went wrong...';`
			`}`


			`echo "Log in succesful.<br>Loading dashboard.";`
			`header("Location: dashboard.php");`
			`}else{header("Location: index.php?q=3");} // validated incorrectly.`
			`mysqli_close($connection);`
			`}else{ header("Location: index.php?q=2");} // Forgot to pass either: email \|\| pass`
			`?>`