Quote:
Originally Posted by sarettah
Have you printed out what are in the 2 variables to see what you are comparing?
.
|
Yeah, this should be easy to debug. If PHP tells you the two variables don't match, they don't match.
Echo both your $_POST variable and $password, and see why they don't match.
EDIT:
On your signup form, you use $password = mysqli_real_escape_string($link, $_REQUEST['password']), before you hash it and store it into your database.
Therefore, any added slashes before escaped characters become part of the hash as well.
Perhaps try: if(password_hash(mysqli_real_escape_string($_POST['password']), PASSWORD_BCRYPT) === $password)