Heres my no database required login
I was bored one day and decided to make this login system that doesnt require any database.
It saves all userdata to a file, of own choice with encrypted names and passwords
I made it just for fun to check out some functions of php
Class:
Rollover to view spoilerCode: Select all<?php
class user {
private $credentials_file;
public function __construct($credentials_file){
$this->credentials_file = $credentials_file;
if(!file_exists($credentials_file)){
file_put_contents($credentials_file, serialize(array()));
}
}
function salt($length){
$output = '';
$i = 0;
$chars = array_merge(range('A','Z'), range('a','z'), range('0','9'));
$count = count($chars) - 1;
while($i < $length){
$output .= $chars[mt_rand(0,$count)];
$i++;
}
return $output;
}
function encrypt($input, $key) {
if (strlen($key) >= 33){
$key = substr($key, 0, 32 - strlen($key));
}
$size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($size, MCRYPT_RAND);
$output = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, utf8_encode($input), MCRYPT_MODE_ECB, $iv);
return $output;
}
function decrypt($input, $key) {
if (strlen($key) >= 33){
$key = substr($key, 0, 32 - strlen($key));
}
$size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($size, MCRYPT_RAND);
$output = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $input, MCRYPT_MODE_ECB, $iv);
return $output;
}
function create($username, $password, $salt){
$credentials_file = $this->credentials_file;
$username = $this->encrypt($username, $salt);
$password = $this->encrypt($password, $salt);
$credentials = file_get_contents($credentials_file);
$credentials = unserialize($credentials);
if(!array_key_exists($username, $credentials)){
$credentials[$username] = $password;
$output = array("status" => true, "reason" => "User created");
} else {
$output = array("status" => true, "reason" => "User already exists");
}
$credentials = serialize($credentials);
file_put_contents($credentials_file, $credentials);
return $output;
}
function remove($username, $password, $salt){
$credentials_file = $this->credentials_file;
$username = $this->encrypt($username, $salt);
$password = $this->encrypt($password, $salt);
$credentials = file_get_contents($credentials_file);
$credentials = unserialize($credentials);
if(array_key_exists($username, $credentials)){
if($credentials[$username] == $password){
unset($credentials[$username]);
$credentials = serialize($credentials);
file_put_contents($credentials_file, $credentials);
$output = array("status" => true, "reason" => "User succesfully removed");
} else {
$output = array("status" => true, "reason" => "Wrong password");
}
} else {
$output = array("status" => true, "reason" => "User dosent exists");
}
return $output;
}
function login($username, $password, $salt){
session_start();
$credentials_file = $this->credentials_file;
$original_username = $username;
$username = $this->encrypt($username, $salt);
$password = $this->encrypt($password, $salt);
$credentials = file_get_contents($credentials_file);
$credentials = unserialize($credentials);
if(array_key_exists($username, $credentials)){
if($credentials[$username] == $password){
$_SESSION['auth'] = 2;
$_SESSION['username'] = $original_username;
$output = array("status" => true, "reason" => "User succesfully logged in");
} else {
$output = array("status" => true, "reason" => "Wrong password");
}
} else {
$output = array("status" => true, "reason" => "User dosent exists");
}
return $output;
}
}
?>
[/spoiler]
Usage:
Rollover to view spoilerCode: Select all<meta charset="UTF-8">
<?php
require_once('classes/user.php');
$user = new user('permission.ini');
$salt = "TYe0Z8TEHvJElf0eHs3iUai2GjU4WCG7";
/* //Create user */
if(isset($_GET['username']) != '' && isset($_GET['password']) != ''){
$username = $_GET['username'];
$password = $_GET['password'];
$create = $user->create($username, $password, $salt);
if($create['status']){
echo $create['reason'];
}
}
echo '<br>';
/* //User login */
if(isset($_GET['username']) != '' && isset($_GET['password']) != ''){
$username = $_GET['username'];
$password = $_GET['password'];
$remove = $user->login($username, $password, $salt);
if($remove['status']){
echo $remove['reason'];
}
}
echo '<br>';
//User remove
if(isset($_GET['username']) != '' && isset($_GET['password']) != ''){
$username = $_GET['username'];
$password = $_GET['password'];
$login = $user->remove($username, $password, $salt);
if($login['status']){
echo $login['reason'];
}
}
echo '<br><br><br>';
@session_start();
var_dump($_SESSION);
?>
[/spoiler]