-
September 18th, 2017, 09:21 AM
#1
Why Unable To Login With Password_Verify ?
Php Programmers,
Why is the password_verify failing on this script ?
It fails to log me in to my account with the correct Username/Email and Password.
Do check the script on your end in Xampp/Wamp.
Thanks.
PHP Code:
<?php /* ERROR HANDLING */ declare(strict_types=1); ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); if ($_SERVER['REQUEST_METHOD'] == "POST") { if (isset($_POST["login_username_or_email"]) && isset($_POST["login_password"])) { $username_or_email = trim($_POST["login_username_or_email"]); // $password = $_POST["login_password"]; $hashed_password = password_hash($password, PASSWORD_DEFAULT); //Select Username or Email to check against Mysql DB if they are already registered or not. $stmt = mysqli_stmt_init($conn); if(strpos("$username_or_email", "@) === true) { $email = $username_or_email; $username = "; $query = "SELECT ids, usernames, passwords, emails, accounts_activations_statuses FROM users WHERE emails = ?"; sqli_stmt_init($stmt); $stmt = mysqli_prepare($conn, $query); mysqli_stmt_bind_param($stmt, 's', $email); mysqli_stmt_execute($stmt); $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status); } else { $username = $username_or_email; $email = ""; $query = "SELECT ids, usernames, passwords, emails, accounts_activations_statuses FROM users WHERE usernames = ?"; $stmt = mysqli_prepare($conn, $query); mysqli_stmt_bind_param($stmt, 's', $username); mysqli_stmt_execute($stmt); $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status); } $row = mysqli_fetch_array($result, MYSQLI_ASSOC); mysqli_stmt_close($stmt); if ($result == false) { echo "Incorrect User Credentials 1 - (query result == FALSE on LINE 79! )!<br>"; exit(); } elseif ($row['accounts_activations_statuses'] == '0') { { echo "You have not activated your account yet! Check your email for instructions on how to activate it. Check your spam folder if you don't find an email from us."; exit(); } } else { echo "Else got triggered on LINE 98! - (query result = TRUE)!"; //This ELSE is getting triggered on the test. That means $result = TRUE; echo "Hash from db: $db_password"; } if (password_verify($password, (string)$row['passwords'])==true) { $_SESSION["user"] = $username; header("location:home.php?user=$username"); } else { echo "Incorrect User Credentials 2! (Else got triggered on LINE 124. Stating: 'password_verify = FALSE');"; exit(); } } } ?>
<!DOCTYPE html>
<?php $site_name?> Member Login Page
<
div class = "container">
<?php $site_name ?> Member Login Form
Username/Email: Password:
It fails to log me in with the correct password. Column name: passwords. And not "password" or "Password" or "Passwords" as some might suspect I done a typo in column name when I have not.
Last edited by 2kaud; September 19th, 2017 at 03:03 AM.
Reason: Formatted code
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|