PHP password_verify() doesn't seem to work

Question

I have been going through the password_hash() and password_verify() methods in PHP and I\'ve been trying to include that in my code. I can\'t seem to g

Answer 1

Problem does not lie in password_verify but in way that you build your query:

`$sql ="SELECT First_name, Last_name,Password FROM customer WHERE Email=? AND Password=? LIMIT 1";

You bind $signin_password to that query and it contains not hashed value from $_POST.

There are 2 solutions:

1) remove AND Password=? from your query - you will check your password with password_verify

2) change $signin_password to:

$signin_password=password_hash($_POST['signin_password']);

(but this way using password_verify is kind of irrelevant.