login test

libs/includes/Database.class.php

@@ -17,7 +17,7 @@ class Database
             if ($connection->connect_error) {
                 die("Connection failed: " . $connection->connect_error); //TODO: Replace this with exception handling
             } else {
-                printf("New connection establishing...");
+                //printf("New connection establishing...");
                 Database::$conn = $connection; //replacing null with actual connection
                 return Database::$conn;
             }

libs/includes/User.class.php

@@ -5,7 +5,7 @@ class User
     private $conn;
     public static function signup($user, $pass, $email, $phone)
     {
-        $pass = md5($pass);
+        $pass = md5(strrev(md5($pass))); //Security through obscurity
         $conn = Database::getConnection();
         $sql = "INSERT INTO `auth` (`username`, `password`, `email`, `phone`, `active`)
         VALUES ('$user', '$pass', '$email', '$phone', '1');";
@@ -23,6 +23,20 @@ class User
 
     public static function login($user, $pass)
     {
+        $pass = md5(strrev(md5($pass)));
+        $query = "SELECT * FROM `auth` WHERE `username` = '$user'";
+        $conn = Database::getConnection();
+        $result = $conn->query($query);
+        if ($result->num_rows == 1) {
+            $row = $result->fetch_assoc();
+            if ($row['password'] == $pass) {
+                return $row;
+            } else {
+                return false;
+            }
+        } else {
+            return false;
+        }
     }
 
     public function __construct($username)

logintest.php

+<?php
+include 'libs/load.php';
+
+$user = "fooboo";
+$pass = "decneg-napCaf-jakcy1";
+$result = null;
+
+if (isset($_GET['logout'])) {
+    Session::destroy();
+    die("Session destroyed, <a href='logintest.php'>Login Again</a>");
+}
+
+if (Session::get('is_loggedin')) {
+    $userdata = Session::get('session_user');
+    print("Welcome Back, $userdata[username]");
+    $result = $userdata;
+} else {
+    printf("No session found, trying to login now. <br>");
+    $result = User::login($user, $pass);
+    if ($result) {
+        echo "Login Success, $result[username]";
+        Session::set('is_loggedin', true);
+        Session::set('session_user', $result);
+    } else {
+        echo "Login failed <br>";
+    }
+}
+echo <<<EOL
+<br><br><a href="logintest.php?logout">Logout</a>
+EOL;

test.php

@@ -37,6 +37,8 @@ print("Model of 1st mic is ".$mic1->getModelProxy());
 print("\n".$mic1->getBrand());
 print("\n".$mic2->getBrand());
 
+print("\n".$mic->price);
+
 print("Value of 10+12 is ".$mic1->add(10, 12));
 print("This is mono font inside pre tag \n");
 

testhash.php

 <?php
 
-$pass = isset($_GET['pass']) ? $_GET['pass'] : "RandomPasswordThatIsSecure";
-echo(md5($pass));
+// $pass = isset($_GET['pass']) ? $_GET['pass'] : "RandomPasswordThatIsSecure";
+// echo(md5($pass));
+$str = <<<EOL
+No string-to-array function exists because it is not needed. If you reference a string with an offset like you do with an array, the character at that offset will be return. This is documented in section III.11's "Strings" article under the "String access and modification by character" heading. This is documented in section III.11's "Strings" article under the "String access and modification by character" heading. This is documented in section III.11's "Strings" article under the "String access and modification by character" heading.
+EOL;
+
+//This is documented in section III.11's "Strings" article under the "String access and modification by character" heading.
+echo("Data Length: ".strlen($str)."\n");
+
+$md5 = md5($str);
+$md5len = strlen($md5);
+
+$b64 = base64_encode($str);
+$b64len = strlen($b64);
+
+echo("MD5: $md5 (Lenght: $md5len)\n");
+echo("Base64: $b64 \n(Length: $b64len)\n");