Sign in Page Encrypted Messenger PHP

Sign in Page

Encrypted Messenger PHP

password_verify

password_verify Verifies that a password matches a hash.
Note that password_hash() returns the algorithm , cost and salt as part of the returned hash.
Therefore, all information that’s needed to verify the hash is included in it.
This allows the verify function to verify the hash without needing separate storage for the salt or algorithm information.
This function is safe against timing attacks.

random_int

random_int — Generates cryptographically secure pseudo-random integers

header

The header() function sends a raw HTTP header to a client.
It is important to notice that header() must be called before any actual output is sent (In PHP 4 and later, you can use output buffering to solve this problem)

Create a file named index.php


<?php
function secured_error () { die("Secured By Omid Bahrami"); }
set_error_handler("secured_error");

require '../secured/secured-structure.php';
require '../secured/secured-database.php';
require '../secured/secured-encryption.php';
require '../secured/secured-validation.php';

session_start();
gns_check_https();
gns_check_cookie();
$e1=$e2=$e3=FALSE;

if(isset($_POST["sign_in"]))
{

if($_POST["g-recaptcha-response"]!=NULL)
{

$sk = XSECRETKEYX;
$gc = $_POST['g-recaptcha-response'];
$ip = $_SERVER['REMOTE_ADDR'];

$xxx=file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$sk.'&response='.$gc.'&remoteip='.$ip);
$xcheckx=json_decode($xxx);

if ($xcheckx->success==false)
$e1=TRUE;

else if ($xcheckx->success==true)
{

$gt=array("user"=>"user" , "pass"=>"pass" );
if(gns_check_form($gt))
{

$xux=gns_hash_fix($_POST["user"]);
$xrx=gns_sign_in($xux);

if($xrx!=false)
{

if( password_verify( $_POST["pass"] , $xrx ) )
{

$_SESSION["secured"] = $_POST["user"];
$_SESSION["xkeyx"]= random_int(100000000,999999999) * 7 ;

if(isset($_POST["remember"]))
gns_create_cookie();

header('location:../profile/');
}

else
$e2=TRUE;

}

else
$e2=TRUE;

}

else
$e3=TRUE;

}

}

else
$e1=TRUE;

}

?>
<?php
$t="Sign in";
gns_head($t);
?>
<div class="jumbotron">
<?php
if($e1)
echo '<p class="text-primary text-center"> Check Captcha </p>';

else if($e2)
echo '<p class="text-primary text-center"> Wrong Username Or Password </p>';

else if($e3)
echo '<p class="text-primary text-center"> Check your Input </p>';

else
gns_welcome("Sign in");
?>
</div>
<div class="jumbotron">
<form id="form1" name="form1" method="post">
<table class="table table-condensed" style="max-width: 300px" align="center">
<tbody>
<tr>
<td>
<input type="text" name="user" id="user" class="form-control" placeholder="<?php if(!gns_show_error("user")) echo "Username"; ?>" value="<?php gns_show_value("user"); ?>">
</td>
</tr>
<tr>
<td>
<input type="password" name="pass" id="pass" class="form-control" placeholder="<?php if(!gns_show_error("pass")) echo "Password"; ?>">
</td>
</tr>
<tr>
<td>
<div align="center">
<div class="g-recaptcha" data-sitekey="<?php echo XSITEKEYX; ?>">
</div>
</div>
</td>
</tr>
<?php
if(XSSLX)
echo
'<tr>
<td>
<input type="checkbox" name="remember" id="remember" value="remember">
<small>
Remember me
</small>
</td>
</tr>';
?>
<tr>
<td>
<input type="submit" name="sign_in" id="sign_in" value="Sign in" class=" btn btn-primary">
</td>
</tr>
</tbody>
</table>
</form>
</div>
<?php gns_foot(); ?>

Full structure is available at Encrypted Messenger PHP