0% found this document useful (0 votes)

112 views3 pages

Password Vault PHP - PHP

The document is a PHP configuration file for a password vault application, defining database connection settings, session management, and security measures. It includes functions for user authentication, password hashing, encryption, and input sanitization. Additionally, it provides utilities for generating secure passwords and checking their strength.

Uploaded by

d24amtics082

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

112 views3 pages

Password Vault PHP - PHP

Uploaded by

d24amtics082

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as TXT, PDF, TXT or read online on Scribd

You are on page 1/ 3

<?

php
// config.php - Database configuration and global settings
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'vault_user');
define('DB_PASSWORD', 'your_secure_password');
define('DB_NAME', 'password_vault');
define('ENCRYPTION_KEY_ITERATIONS', 10000); // PBKDF2 iterations
define('SESSION_TIMEOUT', 900); // 15 minutes in seconds
define('MAX_LOGIN_ATTEMPTS', 5);
define('LOCKOUT_TIME', 1800); // 30 minutes in seconds

// Establish database connection

function connectDB() {
$conn = new mysqli(DB_SERVER, DB_USERNAME, DB_PASSWORD, DB_NAME);

if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}

return $conn;
}

// Secure session configuration

ini_set('session.cookie_httponly', 1);
ini_set('session.use_only_cookies', 1);
ini_set('session.cookie_secure', 1); // Only works on HTTPS
ini_set('session.cookie_samesite', 'Strict');
session_start();

// Function to check if user is logged in

function isLoggedIn() {
if (isset($_SESSION['user_id']) && !empty($_SESSION['user_id'])) {
// Check if session has expired
if (isset($_SESSION['last_activity']) && (time() -
$_SESSION['last_activity'] > SESSION_TIMEOUT)) {
session_unset();
session_destroy();
return false;
}

// Update last activity time

$_SESSION['last_activity'] = time();
return true;
}
return false;
}

// Generate CSRF token

function generateCSRFToken() {
if (!isset($_SESSION['csrf_token'])) {
$_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
return $_SESSION['csrf_token'];
}

// Verify CSRF token

function verifyCSRFToken($token) {
if (!isset($_SESSION['csrf_token']) || $token !== $_SESSION['csrf_token']) {
return false;
}
return true;
}

// Security utility functions

function secureHash($password) {
return password_hash($password, PASSWORD_ARGON2ID, ['memory_cost' => 2048,
'time_cost' => 4, 'threads' => 3]);
}

function verifyPassword($password, $hash) {

return password_verify($password, $hash);
}

// Derive encryption key from master password and user salt

function deriveEncryptionKey($masterPassword, $userSalt) {
return hash_pbkdf2('sha256', $masterPassword, $userSalt,
ENCRYPTION_KEY_ITERATIONS, 32, true);
}

// Encrypt data
function encryptData($data, $encryptionKey) {
$iv = random_bytes(16); // AES block size
$encrypted = openssl_encrypt($data, 'AES-256-CBC', $encryptionKey,
OPENSSL_RAW_DATA, $iv);

if ($encrypted === false) {

throw new Exception('Encryption failed');
}

// Combine IV and encrypted data for storage

return base64_encode($iv . $encrypted);
}

// Decrypt data
function decryptData($encryptedData, $encryptionKey) {
$data = base64_decode($encryptedData);

// Extract IV (first 16 bytes)

$iv = substr($data, 0, 16);
$encrypted = substr($data, 16);

$decrypted = openssl_decrypt($encrypted, 'AES-256-CBC', $encryptionKey,

OPENSSL_RAW_DATA, $iv);

if ($decrypted === false) {

throw new Exception('Decryption failed');
}

return $decrypted;
}

// Generate secure random password

function generateSecurePassword($length = 16, $useSpecial = true, $useNumbers =
true, $useUppercase = true) {
$lowercase = 'abcdefghijklmnopqrstuvwxyz';
$uppercase = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$numbers = '0123456789';
$special = '!@#$%^&*()-_=+[]{}|;:,.<>?';
$chars = $lowercase;
if ($useUppercase) $chars .= $uppercase;
if ($useNumbers) $chars .= $numbers;
if ($useSpecial) $chars .= $special;

$password = '';
$charsLength = strlen($chars);

for ($i = 0; $i < $length; $i++) {

$password .= $chars[random_int(0, $charsLength - 1)];
}

return $password;
}

// Check password strength

function checkPasswordStrength($password) {
$score = 0;

// Length check
if (strlen($password) >= 12) {
$score += 2;
} elseif (strlen($password) >= 8) {
$score += 1;
}

// Complexity checks
if (preg_match('/[0-9]/', $password)) $score += 1; // Has number
if (preg_match('/[a-z]/', $password)) $score += 1; // Has lowercase
if (preg_match('/[A-Z]/', $password)) $score += 1; // Has uppercase
if (preg_match('/[^a-zA-Z0-9]/', $password)) $score += 1; // Has special char

// Define strength levels

if ($score < 2) return 'Very Weak';
if ($score < 3) return 'Weak';
if ($score < 4) return 'Medium';
if ($score < 5) return 'Strong';
return 'Very Strong';
}

// Function to sanitize input

function sanitizeInput($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
return $data;
}
?>

USA Peoples Email List
83% (12)
USA Peoples Email List
816 pages
(14 Million) Cryptocurrency Bitcoin Users Email Leads Sample
100% (6)
(14 Million) Cryptocurrency Bitcoin Users Email Leads Sample
133 pages
Free Email Database of Usa
78% (9)
Free Email Database of Usa
1,915 pages
1000 Mehods
82% (11)
1000 Mehods
70 pages
netflixNEW01 01 2025
50% (2)
netflixNEW01 01 2025
6 pages
Hotmail Outlook Fresh Combo
100% (1)
Hotmail Outlook Fresh Combo
27 pages
UK 11000 Mails
90% (10)
UK 11000 Mails
154 pages
3 Million COMCAST - NET Email Leads
63% (8)
3 Million COMCAST - NET Email Leads
19 pages
Paypal Acc
100% (4)
Paypal Acc
81 pages
Leads From BG
100% (4)
Leads From BG
524 pages
1 K
76% (17)
1 K
17 pages
Free Unused ML Accounts
83% (18)
Free Unused ML Accounts
18 pages
211k Usa Mix
No ratings yet
211k Usa Mix
3,585 pages
117.7k USA Combo With Mails Access
100% (2)
117.7k USA Combo With Mails Access
1,997 pages
Netflix Passwords
67% (3)
Netflix Passwords
2 pages
Data Analysis and Property Modeling With SKUA-GOCAD Training Manual - Paradigm 15
No ratings yet
Data Analysis and Property Modeling With SKUA-GOCAD Training Manual - Paradigm 15
186 pages
Logins
67% (6)
Logins
1,578 pages
3.8k Eu, Usa Mail Access Mix Combo
No ratings yet
3.8k Eu, Usa Mail Access Mix Combo
66 pages
Mix Valid
No ratings yet
Mix Valid
2,689 pages
1 Million AOL - COM USA
100% (5)
1 Million AOL - COM USA
85 pages
Username and Password
100% (2)
Username and Password
2 pages
Process Gas Compressors
100% (1)
Process Gas Compressors
24 pages
Simple Login With CodeIgniter in PHP - Code Factory
No ratings yet
Simple Login With CodeIgniter in PHP - Code Factory
12 pages
Project Report
No ratings yet
Project Report
41 pages
Danush
0% (1)
Danush
127 pages
Chapter 4 Part1
No ratings yet
Chapter 4 Part1
43 pages
Activity 1 Information Assurance and Security 2
No ratings yet
Activity 1 Information Assurance and Security 2
7 pages
Creating A Simple PHP and MySQL-Based Login System
No ratings yet
Creating A Simple PHP and MySQL-Based Login System
14 pages
Security Consultant Guide With Code Examples
No ratings yet
Security Consultant Guide With Code Examples
12 pages
Appendix Codes
No ratings yet
Appendix Codes
227 pages
Assignment 11PHP
No ratings yet
Assignment 11PHP
10 pages
Tiny File Manager
No ratings yet
Tiny File Manager
107 pages
Codeigniter Security
No ratings yet
Codeigniter Security
24 pages
CodeIgniter 4 Auth Guide
No ratings yet
CodeIgniter 4 Auth Guide
19 pages
CodeIgniter 4 User Login & Registration Guide
No ratings yet
CodeIgniter 4 User Login & Registration Guide
16 pages
Login Security PHP
No ratings yet
Login Security PHP
19 pages
PHP, Mysql and Authentication 101
No ratings yet
PHP, Mysql and Authentication 101
9 pages
PHP Practical
No ratings yet
PHP Practical
40 pages
Mooyaa
No ratings yet
Mooyaa
2 pages
How To Secure Password Using Bcrypt in PHP
No ratings yet
How To Secure Password Using Bcrypt in PHP
5 pages
Scripting Assi
No ratings yet
Scripting Assi
24 pages
Dbfunctions
No ratings yet
Dbfunctions
1 page
Attendance App Login Page
No ratings yet
Attendance App Login Page
16 pages
PHP Coding
No ratings yet
PHP Coding
20 pages
Error Handling in PHP: Die Exit
No ratings yet
Error Handling in PHP: Die Exit
21 pages
PHP
No ratings yet
PHP
11 pages
PHP Simple Login TUtorial
No ratings yet
PHP Simple Login TUtorial
6 pages
Practive 1 Php&Mysql SDLC
No ratings yet
Practive 1 Php&Mysql SDLC
22 pages
The Login Form
No ratings yet
The Login Form
2 pages
P Do Tutorial
No ratings yet
P Do Tutorial
25 pages
Assignment - Section 3
No ratings yet
Assignment - Section 3
2 pages
Mecw
No ratings yet
Mecw
59 pages
Driver
No ratings yet
Driver
14 pages
Class & Homework Solutions: 1. Webapp1: Login App, Storing Credentials in Array Webapp1.html
No ratings yet
Class & Homework Solutions: 1. Webapp1: Login App, Storing Credentials in Array Webapp1.html
16 pages
If ($model - Row ('User - Hivi') $user && $model - Row ('Pass - Hivi') $pass && $model - Row ('State - User') 1) (
No ratings yet
If ($model - Row ('User - Hivi') $user && $model - Row ('Pass - Hivi') $pass && $model - Row ('State - User') 1) (
1 page
Using PHP and MySQL in Android To Manage Records
No ratings yet
Using PHP and MySQL in Android To Manage Records
38 pages
Login
No ratings yet
Login
2 pages
Creating Multi User Role Based Admin Using PHP Mysql and Bootstrap
No ratings yet
Creating Multi User Role Based Admin Using PHP Mysql and Bootstrap
8 pages
Include Include
No ratings yet
Include Include
6 pages
Webshell Script Analysis
0% (1)
Webshell Script Analysis
36 pages
Activity 4 Documentation
No ratings yet
Activity 4 Documentation
31 pages
Bs ImageArchive - Howto
No ratings yet
Bs ImageArchive - Howto
8 pages
Chapter 5
No ratings yet
Chapter 5
21 pages
PHP Password Encryption Security
No ratings yet
PHP Password Encryption Security
16 pages
Notif Login
No ratings yet
Notif Login
3 pages
Tiny
No ratings yet
Tiny
83 pages
29/03/2011 05. Developer's Guide
No ratings yet
29/03/2011 05. Developer's Guide
72 pages
Register Page Code
100% (1)
Register Page Code
4 pages
Secure Web
No ratings yet
Secure Web
8 pages
Ion Auth Docs PDF
No ratings yet
Ion Auth Docs PDF
36 pages
Login and Signup Form Using PHP and MySQL With Validation
No ratings yet
Login and Signup Form Using PHP and MySQL With Validation
13 pages
Zpmail
No ratings yet
Zpmail
2 pages
PHP Lab Program
No ratings yet
PHP Lab Program
22 pages
Login Script
No ratings yet
Login Script
7 pages
Coding
No ratings yet
Coding
24 pages
PHP Coding Sample Question
No ratings yet
PHP Coding Sample Question
63 pages
Downloaded From
No ratings yet
Downloaded From
6 pages
Osc - Experiment - 6
No ratings yet
Osc - Experiment - 6
11 pages
Web Lec PHP Auth
No ratings yet
Web Lec PHP Auth
26 pages
PHP Form Validation & CRUD Guide
No ratings yet
PHP Form Validation & CRUD Guide
10 pages
SERVER
No ratings yet
SERVER
2 pages
Logins 2074
No ratings yet
Logins 2074
1,018 pages
User IDs and Emails List
No ratings yet
User IDs and Emails List
18 pages
Buyer List
No ratings yet
Buyer List
1 page
Entrega
No ratings yet
Entrega
4 pages
Inbox - Jervalferez@gmail - Com - Gmail
No ratings yet
Inbox - Jervalferez@gmail - Com - Gmail
1 page
50K
No ratings yet
50K
848 pages
163K Fresh Lines - 2024-10-04
No ratings yet
163K Fresh Lines - 2024-10-04
3,973 pages
20 Id
No ratings yet
20 Id
1 page
UrlLoginPass 2
No ratings yet
UrlLoginPass 2
27 pages
Assignment 2 082
No ratings yet
Assignment 2 082
3 pages
Week 12
No ratings yet
Week 12
3 pages
Het Awd
No ratings yet
Het Awd
17 pages
10&11 Week
No ratings yet
10&11 Week
5 pages
ICS Assignment 1
No ratings yet
ICS Assignment 1
2 pages
Dsa Swayam
No ratings yet
Dsa Swayam
3 pages
The Diagnostic Process: Learning Objectives Key Terms
No ratings yet
The Diagnostic Process: Learning Objectives Key Terms
21 pages
Object Oriented Programming Tutorial
No ratings yet
Object Oriented Programming Tutorial
61 pages
Fall 2011 - CS502 - 1
No ratings yet
Fall 2011 - CS502 - 1
3 pages
Week 4 Cyber Attacks On Online Learning Platforms Transcript
No ratings yet
Week 4 Cyber Attacks On Online Learning Platforms Transcript
3 pages
Single Axis Solar Tracking System Using Microcontroller (ATmega328) and Servo Motor
No ratings yet
Single Axis Solar Tracking System Using Microcontroller (ATmega328) and Servo Motor
4 pages
Network Configuration: 69-3 Nguyen Thi Nho, P9, Q.Tbinh, Tp. HCM
No ratings yet
Network Configuration: 69-3 Nguyen Thi Nho, P9, Q.Tbinh, Tp. HCM
20 pages
Form5 Accounting HHW December 2022
No ratings yet
Form5 Accounting HHW December 2022
15 pages
Pothole Detection via Lightweight Networks
No ratings yet
Pothole Detection via Lightweight Networks
90 pages
IEEE Paper Batch02
No ratings yet
IEEE Paper Batch02
4 pages
Weak-Measurement Elements of Reality: Lev Vaidman
No ratings yet
Weak-Measurement Elements of Reality: Lev Vaidman
11 pages
3408-Data Structure
No ratings yet
3408-Data Structure
3 pages
Project Report
No ratings yet
Project Report
88 pages
L.O Electronics
No ratings yet
L.O Electronics
8 pages
Expert Frontend Developer Portfolio
No ratings yet
Expert Frontend Developer Portfolio
1 page
Prototype CNC Machine Design PDF
No ratings yet
Prototype CNC Machine Design PDF
6 pages
Regulatory Compliance for HP Devices
No ratings yet
Regulatory Compliance for HP Devices
3 pages
Cloud Computing Unit-2 PPT - PPSX
No ratings yet
Cloud Computing Unit-2 PPT - PPSX
46 pages
Abb E-Clipse Bypass Configurations (BCR, BDR, VCR, or VDR) For Ach 550 User Manual
No ratings yet
Abb E-Clipse Bypass Configurations (BCR, BDR, VCR, or VDR) For Ach 550 User Manual
100 pages
Cloud Computing Unit-1 Notes
No ratings yet
Cloud Computing Unit-1 Notes
16 pages
Keyword Protocol 2000 - Part 1 - Physical Layer - Swedish
No ratings yet
Keyword Protocol 2000 - Part 1 - Physical Layer - Swedish
12 pages
Anaconda Training PDF
100% (1)
Anaconda Training PDF
2 pages
25 Cleverly Designed Minimal Logo Designs For Inspiration - Designbeep
No ratings yet
25 Cleverly Designed Minimal Logo Designs For Inspiration - Designbeep
13 pages
FACTORS INFLUENCING ADOPTION OF E-PROCUREMENT IN HUMANITARIAN ORGANIZATIONS (A Case of Norwegian Refugee Council - Kakuma Refugee Camp
100% (1)
FACTORS INFLUENCING ADOPTION OF E-PROCUREMENT IN HUMANITARIAN ORGANIZATIONS (A Case of Norwegian Refugee Council - Kakuma Refugee Camp
72 pages
EEE363.2 Mid SU2020 Pineapple
No ratings yet
EEE363.2 Mid SU2020 Pineapple
2 pages
2 Static & Dynamic Web Pages
No ratings yet
2 Static & Dynamic Web Pages
24 pages
The Pixar Story
No ratings yet
The Pixar Story
5 pages
Wireless Printer Manual
No ratings yet
Wireless Printer Manual
16 pages
Practical SS7, Part 3
No ratings yet
Practical SS7, Part 3
7 pages

Password Vault PHP - PHP

Uploaded by

Password Vault PHP - PHP

Uploaded by

<?

// Establish database connection

// Secure session configuration

// Function to check if user is logged in

// Update last activity time

// Generate CSRF token

// Verify CSRF token

// Security utility functions

function verifyPassword($password, $hash) {

// Derive encryption key from master password and user salt

if ($encrypted === false) {

// Combine IV and encrypted data for storage

// Extract IV (first 16 bytes)

$decrypted = openssl_decrypt($encrypted, 'AES-256-CBC', $encryptionKey,

if ($decrypted === false) {

// Generate secure random password

for ($i = 0; $i < $length; $i++) {

// Check password strength

// Define strength levels

// Function to sanitize input

You might also like