Fatal Error: can't redeclare hash

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
dyr
Forum Newbie
Posts: 22
Joined: Fri Mar 02, 2012 2:34 pm

Fatal Error: can't redeclare hash

Post by dyr »

Hi folks! I've been trying to get a decent working login, and of course this includes a register portion. It seems to work fine, however after I register, it says Fatal Error: Cannot redeclare hash() and no information is processed.

I know the hash function already comes with php so I shouldn't redeclare it like I am, but I'm a bit confused on how would I create a salt/hash without declaring it? Here's the entire register script I have, the salts and hashes I added for (supposedly, from my readings anyway) better security.

Code: Select all

include('config.php');

if($loggedin == '1')
die('You can't register another account while you're logged in.');

if(isset($_POST['submit']))
{
$uname = trim($_POST['username']);
	
function hash($pass) {
    $hash = hash('sha256', $pass);
	
function createSalt()
{
    $string = md5(uniqid(rand(), true));
    return substr($string, 0, 3);
}

$salt = createSalt();
$hash = hash('sha256', $salt . $hash);
$uname = mysql_real_escape_string($uname);
}

if((!isset($_POST['username'])) || (!isset($_POST['pass']))
|| ($uname == '') || ($_POST['pass'] == ''))
die("Please fill out the form completely. <br><br>
<a href=register.php>Continue</a>");

$check = @mysql_query("SELECT id FROM players WHERE username = '$uname'");
$check = @mysql_num_rows($check);

if($check > 0)
die("Sorry, that username has already been taken. Please try again.
<br><br>
<a href=register.php>Continue</a>");

$pass = md5($_POST['pass']);


$newPlayer = @mysql_query("INSERT INTO players (username, password, registered) VALUES ('$username','$hash','$salt')") or die("Error: ".mysql_error());

echo 'You have been registered! You may now <a href=index.php>Log in</a>.';

}
else
{

echo '<form action=register.php method=post>
Username: <input type=text name=username><br>
Password: <input type=password name=pass><br>
<input type=submit name=submit value=Submit>
</form>';

}
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: Fatal Error: can't redeclare hash

Post by Celauran »

Why do you feel the need to redeclare it? Your hash function isn't really doing anything anyway. Use the built-in hash function. Better yet, use bcrypt().
TonsOfFun
Forum Commoner
Posts: 54
Joined: Wed Jun 02, 2010 7:37 pm

Re: Fatal Error: can't redeclare hash

Post by TonsOfFun »

Why do you need to declare it? It looks like you just use PHP's native hash function.

If there is a reason you need it, just name it something else like my_hash();
dyr
Forum Newbie
Posts: 22
Joined: Fri Mar 02, 2012 2:34 pm

Re: Fatal Error: can't redeclare hash

Post by dyr »

Celauran wrote:Why do you feel the need to redeclare it? Your hash function isn't really doing anything anyway. Use the built-in hash function. Better yet, use bcrypt().
Bcrypt makes it a lot more secure, thanks for the link! From reading it seems bcrypt bogs down the server a lot, as it takes more time for users to log in (correct me if I'm wrong and just misunderstood). Is there a simple-way to counteract this slowness besides buying faster servers/hosting?
User avatar
Celauran
Moderator
Posts: 6427
Joined: Tue Nov 09, 2010 2:39 pm
Location: Montreal, Canada

Re: Fatal Error: can't redeclare hash

Post by Celauran »

The slowness isn't an issue for individual users. It still only takes a fraction of a second to hash a password; less time than it takes the user to enter it. Blowfish being slow benefits you if your database has been compromised and the attacker is free to brute force until his heart's content.
Post Reply