I use password_hash and password_verify. Everything else is working well: the password is sent to the database correctly and is retrieved correctly. Both the hashed password and the unhashed one are the same, but it still won't let me through, saying the password is incorrect. Here's the login (connexion) code and the subscribe code:
<?php
include('db.php');
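// Login handler: looks the member up by e-mail, checks the submitted password
// against the stored hash and, on success, opens an authenticated session.
// $conn is the PDO connection provided by db.php.

// Start the session exactly once, before any output. The error paths below
// write to $_SESSION, so it must be active before the POST handling begins.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // filter_var() yields false for a malformed address; a missing field is
    // treated the same way instead of raising an "undefined index" notice.
    $mail = isset($_POST['mail']) ? filter_var($_POST['mail'], FILTER_VALIDATE_EMAIL) : false;

    // The password is used verbatim (no trim, no filtering) so it is the same
    // byte string that was hashed at registration. Anything that is not a
    // plain string (e.g. an array field) is rejected as an empty password.
    $mot_de_passe = (isset($_POST['mot_de_passe']) && is_string($_POST['mot_de_passe']))
        ? $_POST['mot_de_passe']
        : '';

    try {
        $membre = false;
        if ($mail !== false) {
            $stmt = $conn->prepare("SELECT id_membre, mot_de_passe FROM membre WHERE mail = :mail");
            $stmt->bindParam(':mail', $mail);
            $stmt->execute();
            $membre = $stmt->fetch(PDO::FETCH_ASSOC);
        }

        if ($membre) {
            // NOTE(review): password_verify() can only succeed against the complete
            // hash. If the mot_de_passe column is shorter than the hash (schema not
            // visible here), the stored value is cut off and every login fails even
            // with the right password. The PHP manual recommends a column that can
            // hold 255 characters for password_hash() output.
            if (password_verify($mot_de_passe, $membre['mot_de_passe'])) {
                // Issue a fresh session id at the privilege change so an id that
                // was known before login cannot be reused afterwards.
                session_regenerate_id(true);
                $_SESSION['id_membre'] = $membre['id_membre'];
                header("Location: profil.php");
                exit();
            } else {
                // Author's note: this branch is reached even when the password is correct.
                $_SESSION['login_error'] = "Mot de passe non-valide.";
            }
        } else {
            // NOTE(review): distinct messages for "unknown e-mail" and "wrong password"
            // tell a visitor which addresses are registered; a single shared message
            // for both cases avoids that.
            $_SESSION['login_error'] = "E-mail introuvable. Veuillez vous inscrire.";
        }
    } catch (PDOException $e) {
        // Keep driver details in the server log. Echoing them would disclose
        // database internals and would also send output before the redirect
        // header below, which stops the redirect from working.
        error_log('Login query failed: ' . $e->getMessage());
        $_SESSION['login_error'] = "Une erreur est survenue. Veuillez réessayer.";
    }

    // Redirect back to the login page after setting the error message
    header("Location: index.php");
    exit();
}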
?>
The other one:
<?php
include('db.php');
//changer le nom du password de connexxion !! ==cnxpassword
/**
 * Look up a member row by e-mail address.
 *
 * The return value is the fetched row (an array with a 'mail' key) or false
 * when no row matches. It is never the address string itself, so callers
 * should test it against false rather than compare it with the address.
 *
 * @param mixed $pdo  Connection object exposing prepare() (the PDO handle from db.php).
 * @param mixed $mail Address to search for; bound as a parameter, never concatenated.
 * @return array|false
 */
function get_mail($pdo, $mail){
    $lookup = $pdo->prepare("SELECT mail FROM membre WHERE mail = :mail; ");
    $lookup->bindParam(":mail", $mail);
    $lookup->execute();

    return $lookup->fetch(PDO::FETCH_ASSOC);
}
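// Registration handler: validates the submitted fields, refuses an address
// that is already registered, then stores the member with a hashed password.
// $conn is the PDO connection provided by db.php.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Read a form field as a string; missing or non-string (array) values
    // become '' instead of raising notices or type errors further down.
    $readField = function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    };

    $prenom = $readField('prenom');
    $nom = $readField('nom');
    // Validate the address the same way the login script does, so the value
    // stored here is one the login lookup will accept.
    $mail = filter_var($readField('mail'), FILTER_VALIDATE_EMAIL);
    // The password is taken verbatim: whatever bytes are hashed here are the
    // bytes password_verify() must receive at login.
    $mot_de_passe = $readField('registerpassword');
    $confirmpassword = $readField('confirmregisterpassword');

    if ($mail === false) {
        echo "Adresse e-mail invalide.";
        exit();
    }
    if ($mot_de_passe === '') {
        echo "Le mot de passe est obligatoire.";
        exit();
    }
    if ($mot_de_passe !== $confirmpassword) {
        echo "Les mots de passes ne matchent pas.";
        exit();
    }

    try {
        // get_mail() returns the matching row or false, so "already taken" is
        // any result other than false. Stop here: falling through to the
        // INSERT would create a second account for the same address.
        // NOTE(review): the lookup and the INSERT are separate statements; a
        // UNIQUE index on membre.mail (schema not visible here) is what
        // actually guarantees one account per address.
        if (get_mail($conn, $mail) !== false) {
            echo "Cette adresse e-mail est déjà pris!";
            exit();
        }

        // NOTE(review): the hash produced by PASSWORD_DEFAULT may get longer in
        // later PHP versions; the PHP manual recommends a column that can hold
        // 255 characters. If mot_de_passe is narrower than the hash, the stored
        // value is cut off and password_verify() at login can never match.
        $hashedPassword = password_hash($mot_de_passe, PASSWORD_DEFAULT);

        $stmt = $conn->prepare("INSERT INTO membre (prenom, nom, mail, mot_de_passe) VALUES (:prenom, :nom, :mail, :mot_de_passe)");
        $stmt->bindParam(':prenom', $prenom);
        $stmt->bindParam(':nom', $nom);
        $stmt->bindParam(':mail', $mail);
        $stmt->bindParam(':mot_de_passe', $hashedPassword);
        $stmt->execute();

        header("Location: profil.php");
        exit();
    } catch (PDOException $e) {
        // Log the driver message server-side; showing it to the visitor would
        // disclose table and column details.
        error_log('Registration failed: ' . $e->getMessage());
        echo "Une erreur est survenue. Veuillez réessayer.";
    }
}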
?>
I tried renaming things and all.