Thread: Registration System

  1. #1 Registration System 
    Arithium (Donator)
    Something I whipped up quickly, though it seems sufficient. Uses prepared statements to avoid SQL injection attacks. All passwords are salted and hashed for security. Could be improved upon, I'm sure, but it's a start.

    Code:
    <?php
    
    	require_once('./salt_generator.php');
    	
    	$xx = "Please enter the requested username and password.";
    	if (isset($_POST['register'])) {
    	
    		// Raise exceptions on database errors instead of failing silently.
    		$db = new PDO('mysql:host=localhost;dbname=database_name', 'username', 'password',
    			array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
    		$username = trim($_POST['username'] ?? '');
    		$password = trim($_POST['password'] ?? '');
    		$email = trim($_POST['email'] ?? '');
    		
    		$username = strtolower($username);
    		$email = strtolower($email);
    		
    		// Compare against '' rather than empty(): empty('0') is true in PHP.
    		if ($username === '') {
    			$xx = 'Please enter a valid username.';
    		} else if (strlen($username) > 12) {
    			// The `username` column is varchar(12).
    			$xx = 'Your username must be at most 12 characters.';
    		} else if ($password === '') {
    			$xx = 'Please enter a valid password.';
    		} else if (strlen($password) < 5) {
    			$xx = 'Your password must be at least 5 characters.';
    		} else if ($email === '') {
    			$xx = 'Please enter a valid email.';
    		} else if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    			$xx = 'Please include a valid email address.';
    		} else {
    			// Look up the username and the email, so each duplicate check can actually match.
    			$stmt = $db->prepare("SELECT `username`, `email` FROM `registration` WHERE `username`=:username OR `email`=:email ORDER BY `index`");
    			$stmt->bindValue(':username', $username);
    			$stmt->bindValue(':email', $email);
    			$stmt->execute();
    			
    			$username_taken = false;
    			$email_taken = false;
    			while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    				if (strtolower($row['username']) === $username) {
    					$username_taken = true;
    				}
    				if (strtolower($row['email']) === $email) {
    					$email_taken = true;
    				}
    			}
    			$stmt->closeCursor();
    			
    			if ($email_taken) {
    				$xx = 'This email has already been registered.';
    			} else if ($username_taken) {
    				$xx = 'This username is already taken.';
    			} else {
    				$enabled = true;
    				
    				if ($enabled) {
    					$salt = genKey(16);
    					$salted_password = $password . $salt;
    			
    					// Salted SHA-1 hex digest; the Java portion computes the same value.
    					$hashed_password = sha1($salted_password);
    						
    					$query = "INSERT INTO `registration` (`username`, `password`, `email`, `salt`) VALUES(:user, :pass, :email, :salt)";
    					$stmt = $db->prepare($query);
    					$stmt->bindValue(':user', $username);
    					$stmt->bindValue(':pass', $hashed_password);
    					$stmt->bindValue(':email', $email);
    					$stmt->bindValue(':salt', $salt);
    					try {
    						$stmt->execute();
    						$xx = 'Successfully registered your new username!';
    					} catch (PDOException $e) {
    						// The insert failed (for example a duplicate row); do not report success.
    						$xx = 'Registration failed, please try again.';
    					}
    				} else {
    					$xx = 'The registration system is currently disabled.';
    				}
    			}
    		}
    	}
    ?>
    
    
    <!DOCTYPE html>
    <html>
    
    	<head>
    		<title>Near-Reality Registration</title>
    	</head>
    	
    	<body>
    		<center>
    			<h1>Near-Reality Registration</h1>
    			
    			<font size="3"><?php echo htmlspecialchars($xx) ?></font>
    			
    			<br>
    			<br>
    			
    			<form action="register.php" method="post" autocomplete="off">
    				Username: <input type="text" name="username" autocomplete="off">
    				<br>
    				Password: <input type="password" name="password" autocomplete="off"> 
    				<br>
    				Email: <input type="text" name="email" autocomplete="off">
    				<br>
    				<input type="submit" value="Register" name="register">
    			</form>
    		</center>
    		
    	</body>
    </html>
    Table structure

    Code:
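    CREATE TABLE IF NOT EXISTS `registration` (
      `index` int(11) NOT NULL AUTO_INCREMENT,
      `username` varchar(12) NOT NULL,
      `password` varchar(100) NOT NULL,
      `email` varchar(255) NOT NULL,
      `salt` varchar(255) NOT NULL,
      PRIMARY KEY (`index`),
      -- Enforce uniqueness in the database too, so two simultaneous registrations cannot both pass the check.
      UNIQUE KEY `username` (`username`),
      UNIQUE KEY `email` (`email`)
    ) ENGINE=InnoDB  DEFAULT CHARSET=latin1 AUTO_INCREMENT=181 ;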
    Salt Generator - not mine
    Code:
    <?php
    
    // Returns $length random characters drawn from the 72-character alphabet below.
    function genKey($length) {
    	$rand_id = "";
    	for ($i = 1; $i <= $length; $i++) {
    		// random_int() draws from the operating system CSPRNG; nothing is reseeded from the clock.
    		$num = random_int(1, 72);
    		$rand_id .= assign_rand_value($num);
    	}
    	return $rand_id;
    }
    
    // Maps 1..72 to a-z, 0-9, ten symbols (including a space) and A-Z, in that order.
    function assign_rand_value($num) {
    	$alphabet = 'abcdefghijklmnopqrstuvwxyz0123456789*~-|^% _+=ABCDEFGHIJKLMNOPQRSTUVWXYZ';
    	return $alphabet[$num - 1];
    }
    Java portion not written by me.

    Code:
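    import java.nio.charset.StandardCharsets;
    import java.security.MessageDigest;
    import java.security.NoSuchAlgorithmException;
    import java.security.SecureRandom;
    
    public static String get_SHA_1_SecurePassword(String passwordToHash, String salt) {
    	String generatedPassword = null;
    	passwordToHash += salt;
    	try {
    	    MessageDigest digest = MessageDigest.getInstance("SHA-1");
    	    // Fixed charset, so the digest does not depend on the platform default.
    	    digest.update(passwordToHash.getBytes(StandardCharsets.UTF_8));
    	    byte[] messageDigest = digest.digest();
    
    	    StringBuilder hexString = new StringBuilder();
    	    for (int i = 0; i < messageDigest.length; i++) {
    		// Lowercase hex, the same form PHP's sha1() returns.
    		hexString.append(String.format("%02x", 0xFF & messageDigest[i]));
    	    }
    	    generatedPassword = hexString.toString();
    	} catch (NoSuchAlgorithmException e) {
    	    e.printStackTrace();
    	}
    	return generatedPassword;
    }
    
    public static String getSalt() throws NoSuchAlgorithmException {
    	SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");
    	byte[] salt = new byte[16];
    	sr.nextBytes(salt);
    	// byte[].toString() returns the array's identity string, not its contents, so hex-encode the bytes.
    	StringBuilder hex = new StringBuilder();
    	for (byte b : salt) {
    	    hex.append(String.format("%02x", 0xFF & b));
    	}
    	return hex.toString();
    }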
    Reply With Quote  
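Added example (not part of the original post and not Near-Reality's code): salted SHA-1 is a fast hash, so a leaked `registration` table can be brute-forced cheaply; PHP's built-in `password_hash()` is the usual replacement. The sketch below verifies existing `sha1(password . salt)` rows and upgrades them at login. The function names are hypothetical, and it assumes verification happens in PHP rather than in the Java code above.

```php
<?php
// Added example, not the thread author's code. Row layout follows the thread's
// `registration` table (`password`, `salt`); the function names are hypothetical.

// New registrations: password_hash() generates its own salt and embeds it,
// together with the algorithm and cost, in the returned string.
function hash_new_password(string $password): string {
	return password_hash($password, PASSWORD_DEFAULT);
}

// Login check that accepts both formats. Returns [bool $ok, ?string $replacement];
// when $replacement is not null, store it in `password` and set `salt` to ''.
function verify_and_upgrade(string $password, array $row): array {
	$stored = $row['password'];
	// A legacy value is exactly 40 hex characters (a SHA-1 digest).
	$is_legacy = (bool) preg_match('/^[0-9a-f]{40}$/i', $stored);

	if ($is_legacy) {
		// Legacy row: sha1(password . salt), as produced by the registration script.
		$candidate = sha1($password . $row['salt']);
		if (!hash_equals(strtolower($stored), $candidate)) {
			return [false, null];
		}
		// Correct password: hand back a modern hash to replace the SHA-1 value.
		return [true, hash_new_password($password)];
	}

	if (!password_verify($password, $stored)) {
		return [false, null];
	}
	// Re-hash when PHP's default algorithm or cost has changed since this hash was made.
	$replacement = password_needs_rehash($stored, PASSWORD_DEFAULT)
		? hash_new_password($password) : null;
	return [true, $replacement];
}

// Constructed sample rows: one legacy (salted SHA-1), one already migrated.
$legacy = ['password' => sha1('hunter22' . 'Ab3*x_9Qz~Lm0+Kp'), 'salt' => 'Ab3*x_9Qz~Lm0+Kp'];
list($ok, $new) = verify_and_upgrade('hunter22', $legacy);
var_dump($ok, password_get_info($new)['algoName']);

$migrated = ['password' => $new, 'salt' => ''];
var_dump(verify_and_upgrade('hunter22', $migrated)[0]);
var_dump(verify_and_upgrade('wrong-pass', $legacy)[0]);
```

The registration script trims the password before hashing, so a login handler calling `verify_and_upgrade()` has to trim it the same way.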
     

  2. #2  
    Registered Member
    Thanks for this, might use.

  3. #3  
    Banned

    Does Near-Reality use this?

  4. #4  
    Arithium (Donator)
    Originally posted by Klaus:
        Does Near-Reality use this?
    I was slowly implementing it but it's not in full use yet.