01.12.2014, 23:49
Quote:
Downloaded v2.2.3 and updated the files.
it continues to say that there is a new version although it say above that it loaded version 2.2.3 Yes with password_verify($input, $hashed_password_from_db); |
Quote:
It's impossible because even if you enter exactly the same caracrtere chain, bcrypt hash of another ways ...
Show me a code example ^^ |
PHP Code:
<?php
$password = 'Hello World!';
$hash = '$2y$12$D62QnfKU1bYMTode2W7UVeMb7maqY.Y7TCdWgQzj44HuOBK47Ej1Wl';
if(password_verify($password, $hash))
{
// Match
}
else
{
// No match
}
PHP Code:
<?php
/**
* Attempt to login using the given username and password. (simple example)
* @param string $username The username given by the user
* @param string $password The password given give the user
* @return boolean True if the login was successful, otherwise false
*/
public function login($username, $password)
{
$success = false;
$get_password_q = "SELECT `id`, `password` FROM `users` WHERE `username` = ?";
if($stmt = $db->prepare($get_password_q))
{
$stmt->bind_param("s", $username);
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($id, $hash);
if($stmt->num_rows)
{
if(password_verify($password, $hash))
{
// Correct password
$success = true;
}
else
{
// Wrong password
}
}
else
{
// The user does not exist
}
$stmt->close();
}
return $success;
}