ユーザー認証 – ソフトウェアエンジニアの技術ブログ：Software engineer tech blog

<?php
    $admin_password = "m9k7PZRgG8SAySmG";
    $dataFile = dirname(__FILE__).'/data/userauth.data';
    $iv_a = &#91;177,108,37,2,26,148,178,3,72,100,27,156,62,231,205,83&#93;;
    $enc_iv = implode('', array_map('chr', $iv_a));

    $info = "";
    $m = empty($_POST&#91;'m'&#93;) ? '' : $_POST&#91;'m'&#93;;
    if($m == 'add') $info = m_add();
    if($m == 'get') $info = m_get();

    function m_add() {
        $userId = empty($_POST&#91;'userId'&#93;) ? '' $_POST&#91;'userId'&#93;;
        $password = empty($_POST&#91;'password'&#93;) ? '' : $_POST&#91;'password'&#93;;
        $secret = empty($_POST&#91;'secret'&#93;) ? '' : $_POST&#91;'secret'&#93;;
        if ($userId == "" || $password == "" || $secret == ""){
            return "ユーザー情報を正しく入力してください";
        }
        putUserData(&#91;
        'userId'=>$userId, 'password'=>$password,
                    'secret'=>$secret]);
        return "保存しました";
    }

   //ユーザーデータを追加　---(*3)
    function putUserData($user){
        global $dataFile, $enc_iv, $admin_password;
        
        $salt = base64_encode(openssl_random_pseudo_bytes(16));
        $password = $user['password'];
        $user['password'] = hash('sha256', $password.$salt);
        $user['salt'] = $salt;
        $secret = openssl_encrypt(
        $user['secret'], 'aes-256-cbc',
                                  $password.$salt, 0, $enc_iv);
        $user['secret']= $secret;
        $data = getUserData();
        $data[$user['userId']] = $user;
        $json = json_encode($data);
        print_r($data, $json);
        $enc = openssl_encrypt($json, 'aes-256-cbc', $admin_password, 0, $enc_iv);
        file_put_contents($dataFile, $enc);
    }

// user transaction
    function m_get(){
        global $enc_iv;
        $userId = empty($_POST['userId']) ? '' : $_POST['userId'];
        $password = empty($_POST['password']) ? '' : $_POST['password'];
        if ($userId == "")return "input is empty";
        $data = getUserData();
        if (!isset($data[$userId])) return "情報に誤りがあります";
        $u = $data[$userId];
        $salt = $u['salt'];
        $pw_hash = hash('sha256', $password.$salt);
        if ($u['password'] != $pw_hash) return "情報にあやまりがあります";
        $secret_raw = $u['secret'];
        $secret = openssl_decrypt($secret_raw, "aes-256-cbc",
                                  $password.$salt, 0, $enc_iv);
        $secret_ = htmlentities($secret);
        return "<div class='read'><h3>ユーザー認証成功</h3>".
        "<ul><li>userId: $userId</li>".
        "<li>secret: $secret_</li></ul></div>";
    }

// get user data
    function getUserData(){
        global $dataFile, $enc_iv, $admin_password;
        $data = [];
        if (file_exists($dataFile)){
            $raw = file_get_contents($dataFile);
            $json = openssl_decrypt($raw, "aes-256-cbc",
                                    $admin_password, 0, $enc_iv);
            $data = json_decode($json, true);
        }
        return $data;
    }
?>
<html><meta charset="utf-8">
<body><style>
.read { background-color: #e0e0fc; padding: 10px; }
    form { margin-left: 10px; }
</style>
    <?php echo $info; ?>
    <h2>ユーザーの参照</h2>
    <form method="post">
    <input type="hidden" name="m" value="get">
    userId:<br><input name="userId"><br>
    password:<br><input type="password" name="password"><br>
    <input type="submit" value="参照">
</form>

<hr><h2>ユーザーの追加</h2>
<form method="post">
    <input type="hidden" name="m" value="add">
    userId:<br><input name="userId"><br>
    password:<br><input type="password" name="password"><br>
    secret(秘密のメモ):<br><input name="secret"><br>
    <input type="submit" value="add">
    </form>
</body></html>