php - password_verify keeps returning false and I can't find answer anywhere -


password verify returns false. i've seen every answer here, none of helped. password field varchar(255). when var_dump password database, shows string(60) , password correct function still returns false. here code stores in database:

if(empty($_post['pass'])) {     $passerr = "password required!";     $errors[] = "pass error"; } else {     $pass = test_input($_post["pass"]);      if(!preg_match("/^(?=.*[a-za-z])(?=.*\d)[a-za-z\d]{8,}$/", $pass)) {         $passerr = "password not formed";         $errors[] = "pass error";     } else {         $pass_hashed = password_hash($pass, password_default);      } } $hash_ver = md5(rand(0, 1000)); $status = ""; $stm = $conn->prepare("insert user values(?, ?, ?, ?, ?, ?, ?, ?)");  $stm->bind_param("sssssssi", $id, $pass_hashed, $email, $fname, $lname, $hash_ver, $status, $id_role);  $stm->execute(); echo strlen($pass_hashed);

and part of login script

if(count($array) != 0) {     echo "<script>alert('ima gresaka')</script>"; } else {      include('connectionfile/connection.php');       $stmt = $conn->prepare("select `name`,`last_name`,`status_verif`,`email`,`password` user `email`=?");     $stmt->bind_param("s", $email);     $stmt->execute();      if($res = $stmt->get_result()) {         $count = $res->num_rows;          if($count == 1) {              $row = $res->fetch_assoc();             $passwordb = $row['password'];              //echo "<p>".$passwordb."</p>";              $verify = password_verify($pass, $passwordb);              if($verify) {                 echo "<script>alert('password match')</script>";             } else {                 var_dump($verify);                 var_dump($passwordb);                 echo "<script>alert('password doesnt match')</script>";             }          } else {             echo "<script>alert('0 rows')</script>";         }      } else {         echo "<script>alert('no rows @ all')</script>";     }  }

there two possible reasons. :

  • 1) $pass = test_input($_post["pass"]);

    the function test_input() $_post['pass'] string, unknown user. also, value of $pass not declared in second code block.

  • 2) 

           $stm = $conn->prepare("insert user values(?, ?, ?, ?, ?,                             ?, ?, ?)");        $stm->bind_param("sssssssi", $id,$pass_hashed,         $email,$fname,$lname, $hash_ver,$status, $id_role);

    the value inserting not inserted correct sql column or value extracting sql not correct column, maybe you're extracting , comparing md5 hash inserted?

it helpful if can show example output, such you'revar_dump values state.

it helpful show how $pass set in second code block test_input in first code block.

various parts of code improvement.

additionally, think logic structure -- if $pass doesn't fit preg_match? still inserted database. need catch these sorts of flow issues.

read how display php error logs, or better yet, dump them file read in ide.


Comments

Post a Comment

Popular posts from this blog

python - Selenium remoteWebDriver (& SauceLabs) Firefox moseMoveTo action exception -

while performing simple hover test on firefox through selenium (3.4.0) python bindings (3.4.3) using of available os in saucelabs (except linux, latest available firefox version old), performing following actionchain: hover = actionchains(driver) hover.move_to_element(elm_men_menu).perform() it throws following error: taceback: file [...] in testhover hover.perform() file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/common/action_chains.py", line 80, in perform action() file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/common/action_chains.py", line 290, in <lambda> command.move_to, {'element': to_element.id})) file "/usr/local/lib/python2.7/dist-packages/selenium/webdriver/remote/webdriver.py", line 256, in execute self.error_handler.check_response(response) file "/usr/local/lib/python2.7/...
Read more

html - How to custom Bootstrap grid height? -

why bootstrap grid has height 591.067 ? did height came ? .main-post { padding: 20px; background-color: #fff; border: 1px solid #d8d8d8; margin-bottom: 100px; } .main-post .post-categories { margin-bottom: 10px } .main-post h3 { margin: 0 0 10px; color: #777; letter-spacing: -1px; font-weight: bold } .main-post .post-author, .main-post .post-date, .main-post .post-comments { font-size: 12px } .main-post img { display: block; margin: 10px 0; } .main-post .post-summary { line-height: 1.7; color: #888 } .main-post { color: #999 } <div class="col-sm-6"> <div class="main-post"> <h3 class="post-title"> <a href="#"> post title </a> </...
Read more

Ansible warning on jinja2 braces on when -

i using code in vars my_var: "{{lookup('env','my_var') | default(true, true)}}" i using like - include: task.yml when: my_var this worked without issue in ansible 2.2 in ansible 2.3 warning this [warning]: when statements should not include jinja2 templating delimiters such {{ }} or {% %}. found: {{lookup('env','my_var') | default(true, true)}} so if use my_var: "lookup('env','my_var') | default(true, true)" , mean remove {{ }} , no warning my_var evaluated true no matter if pass false env variable. works fine in previous code gave how can fix it? the cleanest way set fact instead of using template in variable (it prevent lookup plugin being called multiple times in included tasks - not huge performance gain, cleaner): - set_fact: my_var: "{{lookup('env','my_var') | default(true, true)}}" also mind evaluate true in cases when environment my_var diff...
Read more