Jump to content

cjburkey01

Members
  • Posts

    17
  • Joined

  • Last visited

cjburkey01's Achievements

Newbie

Newbie (1/5)

1

Reputation

  1. I have just discovered my error. It was extreme stupidity: $sql -> bindParam(":password", password_hash($email, PASSWORD_DEFAULT)); should be $sql -> bindParam(":password", password_hash($password, PASSWORD_DEFAULT)); in the register form. *sigh* Yup
  2. So, basically, I have a simple database where users are stored. password_hash is used to insert the passwords, but for some reason, this code: $sql = $conn -> prepare("SELECT `password` FROM `users` WHERE `email`=:email LIMIT 1"); $sql -> bindParam(":email", $email); $sql -> execute(); $out = $sql -> fetch(); print_r(password_verify($password, trim($out['password'])) . " - " . $password . " - " . $out[0]); die(); displays this: - spice - $2y$10$YOVX2MCk8KSpUuii5fEQ5.OUmRh09lEfF.wZ65jh4.PUB5wSgdHim Even if I was using the wrong password, shouldn't it at least return false? Is this some part of a new feature in PHP 7?
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.