0 && $saltStart < strlen($saltHash)) { $textHashStart = substr($textHash,0,$saltStart); $textHashEnd = substr($textHash,$saltStart,strlen($saltHash)); $outHash = hash($mode, $textHashEnd.$saltHash.$textHashStart); } elseif($saltStart > (strlen($saltHash)-1)) {$outHash = hash($mode, $textHash.$saltHash);} else {$outHash = hash($mode, $saltHash.$textHash);} // put salt at front of hash // $output = $saltHash.$outHash; return $output; } function login($username="", $password="", $page="") { if ($username == "") {return 1;} if ($password == "") {return 2;} $salthash = hash('sha1', 'apple83792'); $hashPassword = createHash($password, $salthash, $mode='sha1'); $query = "SELECT * FROM `users` WHERE `email`='".mysql_real_escape_string($username)."' AND `password`='".mysql_real_escape_string($hashPassword)."'"; $tryLogin = mysql_query($query); if (mysql_num_rows($tryLogin) == 0) { $checkEmailExist = mysql_query("SELECT * FROM `users` WHERE `email`='".$username."'"); if (mysql_num_rows($checkEmailExist) == 0) {return 3;} elseif (mysql_num_rows($checkEmailExist) == 1) {return 4;} } else { $info = mysql_fetch_assoc($tryLogin); $_SESSION['name'] = $info['firstName'].' '.$info['lastName']; $_SESSION['email'] = $info['email']; $_SESSION['ID'] = $info['id']; $_SESSION['permissionLevel'] = $info['permissionLevel']; $_SESSION['CKFinder_UserRole'] = 'admin'; $_SESSION['resetPassword'] = $info['resetPassword']; if ($info['resetPassword'] != "") { echo ''; exit; } elseif ($_SESSION['permissionLevel'] >= 9) { echo ''; exit; } } } ?>