I'm using Mr. Andrew Moore's method (How do you use bcrypt for hashing passwords in PHP?) of hashing user's password. What I did is I have a registration page and it uses
$bcrypt = new Bcrypt(12);
$pass = $_POST['password']; //register password field
$hash= $bcrypt->hash($pass);
// then inserts $hash into database with users registered email (I've checked my mysql database and it indeed has an hashed item
Then I have a login page, consisting of email and password fields. My thought is that email addresses are unique in my database. So with that in mind, I made a script where it check's users email address first, then if there is an existing one, verify the hash password with this
$bcrypt = new Bcrypt(12);
$email = $_POST['email']; //from login email field
$pass_l = $_POST['password']; // from login password field
$hash_1= $bcrypt->hash($pass_1);
$chk_email= $dbh->prepare("SELECT password FROM table WHERE email = ?");
$chk_email -> execute(array($email));
while($row = $chk_email->fetch(PDO::FETCH_ASSOC)){
$chk_pass = $row['password']; //inside a while loop to get the password
$pass_isGood = $bcrypt->verify($hash_1, $chk_pass);
var_dump($pass_isGood); // I'm getting false
}
I'm not sure what I'm doing wrong, I'm supposed to get true. And I have set my tablefield to text
or even varchar(256)
PHP is an open-source server-side scripting language that many devs use for web development. It is also a general-purpose language that you can use to make lots of projects, including Graphical User Interfaces (GUIs).
Learn PHP. PHP is a server scripting language, and a powerful tool for making dynamic and interactive Web pages. PHP is a widely-used, free, and efficient alternative to competitors such as Microsoft's ASP.
PHP is used for server-side programming which will interact with databases to retrieve information, storing, email sending, and provides content to HTML pages to display on the screen. HTML is used for specifying colors, text formatting, aligning, etc. PHP is easy to learn but not as much as HTML.
Python is better than PHP in long term project. PHP has low learning curve, it is easy to get started with PHP. Compare to PHP Python has lower number of Frameworks. Popular ones are DJango, Flask.
Using Andrew Moore's class, you need to call the class verify()
method to verify that the user's password matches the hash. The two parameters you pass to it are the plaintext password the user entered and the hash that you stored in the database.
It seems you passed a second hashed password to verify()
instead, which is why it's not working. Pass in the plaintext password as the first argument.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With