password_verify() return false?

Question

shany0786 8 Junior Poster in Training

8 Years Ago

i am using password_hash() and password_verify() for hashing passwords but passwords_verify() returns false.This is my code

<?php
/**
 * .
 *
 * @author Anmol Raghuvanshi <ershadow786@gmail.com>
 * @license
 * @copyright
 */

class User_admin
{

  private $db;

    function __construct($DB_con)
    {
      $this->db = $DB_con;
    }

    public function register($fname,$lname,$umail,$upass,$mobile,$address)
    {
       var_dump($upass);
       try
       {
           $new_password = password_hash($upass, PASSWORD_DEFAULT);
           var_dump($new_password);
           $stmt = $this->db->prepare("INSERT INTO gy_registration(name,mobile_no,address,email_address)
                                                       VALUES(:fname,:umail,:mobile_no,:address)");

           $stmt->bindparam(":fname", $fname);
           $stmt->bindparam(":umail", $umail);
           $stmt->bindparam(":mobile_no", $mobile);
           $stmt->bindparam(":address", $address);
           $stmt->execute();

           $query=$this->db->prepare("INSERT INTO gy_user_detail(reg_id,first_name,last_name,username,password)"
                   . " VALUES (last_insert_id(),:fname,:lname,:umail,:upass)");
           $query->bindparam(":fname", $fname);
           $query->bindparam(":lname", $lname);
           $query->bindparam(":umail", $umail);
           $query->bindparam(":upass", $new_password);
           $query->execute();
           return $stmt;
       }
       catch(PDOException $e)
       {
           echo $e->getMessage();
       }
    }


    public function login($umail,$upass)
    {
    var_dump($upass);
       try
       {    
          $stmt = $this->db->prepare("SELECT * FROM gy_user_detail WHERE username=:umail LIMIT 1");
          $stmt->execute(array(':umail'=>$umail));
          $userRow=$stmt->setFetchMode(PDO::FETCH_ASSOC);
          var_dump(password_verify($upass,$userRow['password']));
          if($stmt->rowCount() > 0)
          { 
              if(password_verify($upass, $userRow['password'])) {
        echo "verified";
                //$_SESSION['user_session'] = $userRow['user_id'];
                return true;
          }
            else
             {

                return false;
             }
          }
       }
       catch(PDOException $e)
       {
           echo $e->getMessage();
       }
   }

   public function is_loggedin()
   {
    echo "h";
    //  if(isset($_SESSION['user_session']))
    //  {
      //   return true;
    //  }
   }

   public function redirect($url)
   {
       header("Location: $url");
   }

   public function logout()
   {
  //      session_destroy();
    //    unset($_SESSION['user_session']);
        return true;
   }
}

?>

i have var_dump password before and after hashing value .hash value is stored in database but when it comes to verify() it fails.any help??
i have passsowrd field in database as 255 varchar

mysql php

1 Contributor
2 Replies
2K Views
5 Hours Discussion Span
Latest Post 8 Years Ago Latest Post by shany0786

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

shany0786 8 Junior Poster in Training · Answer 1 · 2016-01-06T11:58:02+00:00

replacing $userRow=$stmt->setFetchMode(PDO::FETCH_ASSOC); in login function with fetch() methods works for me but not with $userRow=$stmt->setFetchMode(PDO::FETCH_ASSOC) can anybody explain this

shany0786 8 Junior Poster in Training · Answer 2 · 2016-01-06T15:23:56+00:00

shany0786 8 Junior Poster in Training

8 Years Ago

could anybody explain me this?