From 9ca2d44ab36fab17578ffe723ce0fa83331f7c29 Mon Sep 17 00:00:00 2001
From: Raghav <raghavsmart1213@gmail.com>
Date: Wed, 12 Mar 2025 08:05:20 +0000
Subject: [PATCH] Verified User password with simple way: Success

---
 _includes/User.class.php | 40 +++++++++++++++++++++++++++++-----------
 logintest.php            | 13 +++++++++++++
 testhash.php             | 12 ++++++++++++
 3 files changed, 54 insertions(+), 11 deletions(-)
 create mode 100644 logintest.php
 create mode 100644 testhash.php

diff --git a/_includes/User.class.php b/_includes/User.class.php
index f92db81..96fb850 100644
--- a/_includes/User.class.php
+++ b/_includes/User.class.php
@@ -9,7 +9,7 @@ class User
         $conn = Database::getConnection();
 
         // To save password as md5 hash format
-        $pass = md5($pass);
+        $pass = md5(strrev(md5($pass))); //Security through obscurity
 
         $sql = "INSERT INTO `auth` (`username`, `password`, `email`, `phone`, `block`, `active`)
     VALUES ('$user', '$pass', '$email', '$phone', '0', '1');";
@@ -27,20 +27,38 @@ class User
         return $error;
     }
 
-    public static function getCredential($email, $pass)
-    {
+    // Check whether the user credential is exists in database 
+    public static function login($user, $pass){
+
+        // Since it is in static function we need to declare again in this function.
+        $password = $pass;
 
-        // Connect to Database
+        // store query in a variable
+        $query = "SELECT * FROM `auth` WHERE `username` = '$user'";
+
+        // To get database connection
         $conn = Database::getConnection();
 
-        Database::getUserData($email, $pass);
-      
-        
+        // sends the query with query() to get the data from database
+        $result = $conn -> query($query);
 
-    }
+        /*
+        [*] Accessing (num_rows) is the variable present inside the class eg: $object->variable_name;
+        */       
+        if($result -> num_rows == 1){
+
+            // fetch data as array from database and store in $row
+            $row = $result->fetch_assoc();
+
+            // validate password from database
+            if($row['password'] == $password){
+                return $row;
+            }else{
+                return false;
+            }
+        }else{
+            return false;
+        }
 
-    public static function setCredential()
-    {
-        Database::setUserData();
     }
 }
diff --git a/logintest.php b/logintest.php
new file mode 100644
index 0000000..6e5a0f5
--- /dev/null
+++ b/logintest.php
@@ -0,0 +1,13 @@
+<?php
+include 'libs/load.php';
+
+$user = "devyani ";
+$pass = "devyani";
+
+$result = User::login($user, $pass);
+if ($result) {
+    echo "Login success";
+} else {
+    echo "Login failed";
+}
+
diff --git a/testhash.php b/testhash.php
new file mode 100644
index 0000000..4da2be3
--- /dev/null
+++ b/testhash.php
@@ -0,0 +1,12 @@
+<?php
+
+$str = <<<"raghav"
+[*] Hello I am raghav fro selfmade ninja
+[*] here we are going to see about hashing [md5] how md5() works
+[*] Is it stores the whole data into 32bit data?
+[*} Hey buddy what's up????
+raghav;
+
+echo "string length: " . strlen($str) . "\n";
+echo "md5: ". md5($str) . "(length: ". strlen(md5($str)) . ")\n";
+echo "base64: ". base64_encode($str) . "\n(Length: ". strlen(base64_encode($str)) . ")";
-- 
GitLab