x_wd11 Posted August 8, 2019 Share Posted August 8, 2019 I do NOT understand this: "password_verify($p, $row['passward'])" where: $p = 123456 while this is in DB: ba3253876aed6bc22d4a6ff53d8406c6ad864195ed144ab5c87621b6c233b548baeae6956df346ec8c17f5ea10f35ee3cbc514797ed7ddd3145464e2a0bab413 ??? if (empty($errors)) { // If everything's OK. $q = "SELECT user_id, first_name, passward FROM users WHERE user='xyz' AND passward=SHA2('$p', 512)"; $r = mysqli_query($dbc, $q); // Run the query. // Check the result: if (mysqli_num_rows($r) == 1) { // Fetch the record: $row = mysqli_fetch_array($r, MYSQLI_ASSOC); // Return true and the record: // Check the password: if (password_verify($p, $row['passward'])) { unset($row['passward']); return [true, $row]; } else { $errors[] = 'The user name and password do not match those on file.'; } // - The user name and password entered do not match those on file. ???? } else { // Not a match! $errors[] = 'The user-name and password entered do not match those on file.'; } Link to comment Share on other sites More sharing options...
x_wd11 Posted August 9, 2019 Author Share Posted August 9, 2019 I think I got it, I got some mess in those scripts, cannot keep track of them somehow. Wrong script, but it was working and then it quit, that is why I got confused, the later scripts do have a different setup and so easy to get carried away with the implementation that should be using different script. Link to comment Share on other sites More sharing options...
Recommended Posts