Rudis1261/index.php

## index.php
<html>
    <head>
        <style>

            #passwordContainer
            {
                line-height:    30px;
                font-size:      30px;
            }

            input.passwordInput
            {
                line-height:    30px;
                font-size:      30px;
                margin:         0px 4px;
                padding:        0px;
                border:         1px solid #ccc;
                color:          #ccc;
                text-align:     center;
            }

            input.passwordLogin
            {
                padding:        10px 20px;
                line-height:    20px;
                font-size:      16px;
            }
        </style>
    </head>
    <body>

<?php

# Start the session
session_start();

$max = 5;

# Define the password
$password = 'eukunuba';

# Get the random keys from session
$_SESSION['comparison']     = (isset($_SESSION['comparison']))  ? $_SESSION['comparison']       : array_rand(str_split($password), ceil(strlen($password) / 3));
$_SESSION['attempts']       = (isset($_SESSION['attempts']))    ? $_SESSION['attempts'] + 1     : 0;

# DELETE THIS AFTER TESTING
if (isset($_REQUEST['clear']))
{
    unset($_SESSION['attempts']);
    unset($_SESSION['comparison']);
}
# DELETE THIS AFTER TESTING

# Block a user should they exceed attempts
if ($_SESSION['attempts'] > $max)
{
    die("Maximum attempts exceeded!");
}

# Function to generate the password prompt
function getPasswordPrompt($password)
{
    # Split the password into an array
    $split = str_split($password);

    $out = '<div id="passwordContainer">';

    # Loop through the split password
    foreach($split as $id => $char)
    {
        # Is it one of the characters that should be hidden
        if (in_array($id, $_SESSION['comparison']))
        {
            $out .= '<input type="password" name="answer[]" class="passwordInput" size="1" />';
        }

        # Otherwise just print the character
        else
        {
            $out .= strtoupper($char);
        }
    }

    $out .= '</div>';
    return $out;
}

function validatePassword($password)
{
    # Split the password into an array
    $split      = str_split($password);

    # Attempt to get the answer
    $answer     = (isset($_REQUEST['answer'])) ? $_REQUEST['answer'] : false;
    $indexes    = array();
    $error      = 0;

    # Attempt to find the character in the password
    foreach($answer as $i=>$find)
    {
        # Ensure that the index exists and that it is in the right place
        //echo $split[$_SESSION['comparison'][$i]] . " - " . $find;
        if ((isset($split[$_SESSION['comparison'][$i]])) AND ($split[$_SESSION['comparison'][$i]] !== $find))
        {
            $error += 1;
        }
    }

    # Success
    if ($error == 0)
    {
        # Unset attempts and return true
        if (isset($_SESSION['attempts'])) unset($_SESSION['attempts']);
        return true;
    }

    # Default to a false
    return false;
}

# Check if the form has been submitted and validate the password.
if (isset($_REQUEST['attemptSypherLogin']))
{
    # Validate the user's input
    $validate = validatePassword($password);

    # Auth Success
    if ($validate)
    {
        echo "<h1>Welcome user!</h1>";
        die();
    }

    # Auth Failure
    else
    {
        echo "<h1 style='color: red;'>Sorry, I don't know you!</h1>";
    }
}

echo "<form method='post'>
        Attempt: " . (int)$_SESSION['attempts'] . "/" . $max . "<br />"
        . getPasswordPrompt($password) . "
        <br />
        <input type='submit' class='passwordLogin' name='attemptSypherLogin' value='Login' />
    </form>";

?>
    </body>
    <script src="//code.jquery.com/jquery-1.10.2.min.js"></script>
    <script>

        // Hook into the document ready
        $( document ).ready(function() {

            // When things are started
            $(".passwordInput").bind("click focus", function() {
                $(this).css({ 'color' : 'black' });
            });

            // Detect a keyup event to move on
            $(".passwordInput").bind("keyup", function(event) {

                //console.log(event.keyCode);
                if ((event.keyCode != 8) && (event.keyCode != 9) && (event.keyCode !== 16) && ($(this).val() != ""))
                {
                    // Move to the next item automatically
                    $(this).next('input.passwordInput').focus();
                }
            });

        });

    </script>
</html>
	<html>
	<head>
	<style>

	#passwordContainer
	{
	line-height: 30px;
	font-size: 30px;
	}

	input.passwordInput
	{
	line-height: 30px;
	font-size: 30px;
	margin: 0px 4px;
	padding: 0px;
	border: 1px solid #ccc;
	color: #ccc;
	text-align: center;
	}

	input.passwordLogin
	{
	padding: 10px 20px;
	line-height: 20px;
	font-size: 16px;
	}
	</style>
	</head>
	<body>

	<?php

	# Start the session
	session_start();

	$max = 5;

	# Define the password
	$password = 'eukunuba';

	# Get the random keys from session
	$_SESSION['comparison'] = (isset($_SESSION['comparison'])) ? $_SESSION['comparison'] : array_rand(str_split($password), ceil(strlen($password) / 3));
	$_SESSION['attempts'] = (isset($_SESSION['attempts'])) ? $_SESSION['attempts'] + 1 : 0;

	# DELETE THIS AFTER TESTING
	if (isset($_REQUEST['clear']))
	{
	unset($_SESSION['attempts']);
	unset($_SESSION['comparison']);
	}
	# DELETE THIS AFTER TESTING

	# Block a user should they exceed attempts
	if ($_SESSION['attempts'] > $max)
	{
	die("Maximum attempts exceeded!");
	}

	# Function to generate the password prompt
	function getPasswordPrompt($password)
	{
	# Split the password into an array
	$split = str_split($password);

	$out = '<div id="passwordContainer">';

	# Loop through the split password
	foreach($split as $id => $char)
	{
	# Is it one of the characters that should be hidden
	if (in_array($id, $_SESSION['comparison']))
	{
	$out .= '<input type="password" name="answer[]" class="passwordInput" size="1" />';
	}

	# Otherwise just print the character
	else
	{
	$out .= strtoupper($char);
	}
	}

	$out .= '</div>';
	return $out;
	}

	function validatePassword($password)
	{
	# Split the password into an array
	$split = str_split($password);

	# Attempt to get the answer
	$answer = (isset($_REQUEST['answer'])) ? $_REQUEST['answer'] : false;
	$indexes = array();
	$error = 0;

	# Attempt to find the character in the password
	foreach($answer as $i=>$find)
	{
	# Ensure that the index exists and that it is in the right place
	//echo $split[$_SESSION['comparison'][$i]] . " - " . $find;
	if ((isset($split[$_SESSION['comparison'][$i]])) AND ($split[$_SESSION['comparison'][$i]] !== $find))
	{
	$error += 1;
	}
	}

	# Success
	if ($error == 0)
	{
	# Unset attempts and return true
	if (isset($_SESSION['attempts'])) unset($_SESSION['attempts']);
	return true;
	}

	# Default to a false
	return false;
	}

	# Check if the form has been submitted and validate the password.
	if (isset($_REQUEST['attemptSypherLogin']))
	{
	# Validate the user's input
	$validate = validatePassword($password);

	# Auth Success
	if ($validate)
	{
	echo "<h1>Welcome user!</h1>";
	die();
	}

	# Auth Failure
	else
	{
	echo "<h1 style='color: red;'>Sorry, I don't know you!</h1>";
	}
	}

	echo "<form method='post'>
	Attempt: " . (int)$_SESSION['attempts'] . "/" . $max . "<br />"
	. getPasswordPrompt($password) . "
	<br />
	<input type='submit' class='passwordLogin' name='attemptSypherLogin' value='Login' />
	</form>";

	?>
	</body>
	<script src="//code.jquery.com/jquery-1.10.2.min.js"></script>
	<script>

	// Hook into the document ready
	$( document ).ready(function() {

	// When things are started
	$(".passwordInput").bind("click focus", function() {
	$(this).css({ 'color' : 'black' });
	});

	// Detect a keyup event to move on
	$(".passwordInput").bind("keyup", function(event) {

	//console.log(event.keyCode);
	if ((event.keyCode != 8) && (event.keyCode != 9) && (event.keyCode !== 16) && ($(this).val() != ""))
	{
	// Move to the next item automatically
	$(this).next('input.passwordInput').focus();
	}
	});

	});

	</script>
	</html>