Password_Verify Wont Return a Value

Question

im trying to make a Login System for my Website, i am able to Hash a password and insert the Hashed Data into the Database, however retrieving it is a little bit different.

I Am Making my Page search for the (Hashed Password) for the Given Username in the previous page, as well as the given Password from the previous page. Then getting my code to see if the two passwords match, however, i don't get a value return. And Yes, i am Echoing it, and suggestions?

<?php
session_start();

include 'dbh.php';

$Username = $_POST['Username'];
$Password = $_POST['Password'];

$sql = "SELECT * FROM account WHERE Username='$Username'";
$result = $conn->query($sql);
while ($row = $result->fetch_assoc()) {
    $UsernameActualhashedPassword = $row['Password'];
}

$input = $Password;

echo $input;
echo $UsernameActualhashedPassword;
echo password_verify($input, $UsernameActualhashedPassword);

what is the value of num_rows in $result? – flamelite Aug 11 '17 at 06:12 — flamelite, Aug 11 '17 at 06:12

flamelite · Answer 1 · 2017-08-11T09:31:29.997

0

Try this one and look for Sanitizing user for secure login

<?php
session_start();

include 'dbh.php';

$Username = $_POST['Username'];
$Password = $_POST['Password'];
$hashpass = hash_fun($password); // use the same hash function which you have used in the signup
$sql = "SELECT count(*) FROM account WHERE Username='$Username' and 
password='$hashpass'";
 $result = $conn->query($sql);
 if($result>0)
  echo "Login success";
 else echo "wrong username or password";
?>

edited Aug 11 '17 at 09:31

answered Aug 11 '17 at 06:23

flamelite

2,654
3
22
42

I had a look because I have hashed the password when the user signed up this doesn't work. Got any other idea? – JoshuaMicallef Aug 11 '17 at 09:21
Sorry i forgot to mention that hash function, i have modified the same now that will work in your case. – flamelite Aug 11 '17 at 09:32

Password_Verify Wont Return a Value

1 Answers1