PHP password_verify() doesn't seem to work

前端未结

关注

 2  1061

I have been going through the password_hash() and password_verify() methods in PHP and I\'ve been trying to include that in my code. I can\'t seem to g

相关标签:

2条回答

北荒

2021-01-29 11:59

$signin_password=$_POST['signin_password'];

$hash = password_hash($dbpassword, PASSWORD_DEFAULT);

if (password_verify($signin_password, $hash)) 

 {

   echo 'Password is valid!';

 } 

 else 

 {

   echo 'Invalid password.';

 }

Try with this :) Better option is just build your own query.

0 讨论(0)

闹比i

2021-01-29 12:01
Problem does not lie in password_verify but in way that you build your query:
```
`$sql ="SELECT First_name, Last_name,Password FROM customer WHERE Email=? AND Password=? LIMIT 1";
```
You bind $signin_password to that query and it contains not hashed value from $_POST.

There are 2 solutions:

1) remove AND Password=? from your query - you will check your password with password_verify

2) change $signin_password to:
```
$signin_password=password_hash($_POST['signin_password']);
```
(but this way using password_verify is kind of irrelevant.
0 讨论(0)
发布评论:

提交评论
- 加载中...