Search the Community

Hello everyone, so I just had PHP 5.5.5 installed on my server so that I could take advantage of the new password hashing API, but I'm having problems, it's not validating as true... Here's my login script code <? if (isset($_POST['loginform'])) { session_start(); require "../includes/connection.inc"; require "../includes/functions.php"; $Uname = clean($_POST['Username']); $Username = strtolower($Uname); $Password = clean($_POST['Password']); $sql = "SELECT ExaminerID, ExaminerName, ExaminerEmail, ExaminerPassword FROM Examiners WHERE ExaminerUsername = ? AND ExaminerPassword = ?"; if ($stmt = $mysqli -> prepare($sql)) { $stmt -> bind_param("ss", $Username, $Password); $stmt -> execute(); $stmt -> bind_result($ExaminerID, $ExaminerName, $ExaminerEmail, $ExaminerPassword); $stmt -> fetch(); if (password_verify($Password, $ExaminerPassword)) { session_regenerate_id(); $_SESSION['ExaminerID'] = $ExaminerID; $_SESSION['ExaminerName'] = $ExaminerName; $_SESSION['ExaminerEmail'] = $ExaminerEmail; session_write_close(); $stmt -> close(); $mysqli -> close(); header("location: https://*****************/index.php"); } else { $stmt -> close(); $mysqli -> close(); header("location: login.php?failed"); exit(); } } else { $stmt -> close(); $mysqli -> close(); header("location: login.php?failed"); exit(); } } ?>