You want to grab the clean user input (aka the password the user typed in), then compare that to the hash (in the database), I assume?
But here you are comparing the user input to $password (which is the hash/SQL entry, I guess?).
Shouldn't it be more like this, in that case:
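// password_verify() re-hashes the input using the salt and cost stored in $password;
// a fresh password_hash() result has a new random salt and would never equal it.
if (password_verify($_POST['password'], $password))
{
    // ...
}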
__________________
 Contact: email
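An added example, not part of the original post, of checking a typed password against a stored bcrypt hash in PHP. It shows why re-hashing the input with password_hash() and comparing with === cannot match, and goes one step further with an optional rehash on login. The function names, the sample password and the cost value are assumptions made for illustration.

```php
<?php
// Added example. All names and values here are constructed for illustration.

// Registration: hash once and store the result (stands in for the DB column).
$storedHash = password_hash('correct horse battery staple', PASSWORD_BCRYPT);

// Flawed check: password_hash() picks a new random salt on every call, so its
// output differs from the stored hash even when the password is correct.
function naive_check(string $input, string $storedHash): bool
{
    return password_hash($input, PASSWORD_BCRYPT) === $storedHash;
}

// Correct check: password_verify() reads the algorithm, cost and salt out of
// the stored hash, re-hashes the input with them, and compares the results
// in a timing-safe way.
function verify_login(string $input, string $storedHash): bool
{
    return password_verify($input, $storedHash);
}

// Optional step after a successful login: if the stored hash was made with
// different parameters than the current policy, return a fresh hash to save.
// Returns null when the stored hash already matches the policy.
function upgraded_hash(string $input, string $storedHash, int $cost = 12): ?string
{
    $options = ['cost' => $cost];
    if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, $options)) {
        return password_hash($input, PASSWORD_BCRYPT, $options);
    }
    return null;
}

$typed = 'correct horse battery staple'; // stands in for $_POST['password']

echo 'naive === comparison, right password: ';
var_dump(naive_check($typed, $storedHash));
echo 'password_verify(), right password:    ';
var_dump(verify_login($typed, $storedHash));
echo 'password_verify(), wrong password:    ';
var_dump(verify_login('wrong guess', $storedHash));

if (verify_login($typed, $storedHash)) {
    $newHash = upgraded_hash($typed, $storedHash);
    echo 'rehash needed under current policy:   ';
    var_dump($newHash !== null);
}
```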