devilsvein Posted November 29, 2012 Share Posted November 29, 2012 (edited) Making a login page and using phpass. if( $page_mode == 'Login' ) { require "globe.php"; //db connect $username = htmlentities($_POST['username']); $username = mysqli_real_escape_string($mysqli, $username); $password = $_POST['password']; $query = mysqli_query($mysqli, "SELECT * FROM Persons WHERE Username = '$username'"); $row = mysqli_fetch_assoc($query); $numrows = mysqli_num_rows($query); $dbuser = $row['Username']; $hash_cost_log2 = 8; $hash_portable = FALSE; $hasher = new PasswordHash($hash_cost_log2, $hash_portable); if( ($username == '') || ($password == '') ) { $error_string .= '<font color=red>You have left either the username or password field blank!</font>'; } else if ($numrows == 1) { if ($dbuser == $username) { if ($hasher->CheckPassword($password, $hash)) { //$hash is the hash retrieved from the DB $error_string .= '<font color=red>so far so good!</font>'; } else { $error_string .= '<font color=red>Please enter a valid username and password</font>'; } } } else { $error_string .= '<font color=red>No username can be found! (2)</font>'; } } if ($hasher->CheckPassword($password, $hash)) keeps returning false. therefore not authetinticating the password. Does anyone know why this is Edited November 29, 2012 by devilsvein Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.