How to create an authentication system with crypt()


I use the crypt() function to protect the password when I create a user in the database, but when I try to make an authentication system to log my users in, I don't understand how it works.

With this code, it always goes into the "WRONG ID OR PASSWORD" branch of the if:

<?php

        // connection to the database
        include 'connexionBDD.php';


        // Check connection
        if ($bdd->connect_error) {
            die("Connection failed: " . $bdd->connect_error);
        } 
        echo "Connected successfully (".$bdd->host_info.")";

        $pseudonyme = $_POST['pseudo'];
        $password= $_POST['mdp'];


        // hash the password
        $password= crypt($password);

        $req = $bdd->prepare('SELECT ID_utilisateur FROM utilisateurs 
                              WHERE Pseudonyme = :pseudo AND Mot_de_passe = :mdp');
        $req->execute(array(
            'pseudo' => $pseudonyme,
            'mdp' => $password));

        $result= $req->fetch();




        if(!$result)
        {
           echo "WRONG ID OR PASSWORD"; 
        }
        else
        {
            session_start();
            $_SESSION['ID_utilisateur'] = $result['ID_utilisateur'];
            $_SESSION['Pseudonyme'] = $pseudonyme;
            $pseudo = $_SESSION['Pseudonyme'];
            echo "<p> You are connected with " . htmlspecialchars($pseudo) . " !</p></div>";
        }

          ?> 
1

There is 1 answer

0
Siim Kallari

crypt() is, as of now, not the preferred way to store passwords.

Use password_hash() to generate the password and password_verify() to compare them.

Example code:

$password = "tere";
$cryptPassword = password_hash($password, PASSWORD_DEFAULT);
$verify = password_verify($password, $cryptPassword);
var_dump($verify); // Returns bool(true)

Also, crypt() is well documented in the PHP Manual; read about that.
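
The login flow the answer points to, as an added example that is not part of the original question or answer: a salted hash is different on every call, so the row is selected by pseudonym alone and the submitted password is checked with password_verify() against the stored hash. The table and column names come from the question; the in-memory SQLite connection, the register() and login() helpers and the sample user are assumptions made for illustration.

```php
<?php
// Added example, not code from the question or the answer.
// Assumption: PDO with an in-memory SQLite database stands in for connexionBDD.php.
$bdd = new PDO('sqlite::memory:');
$bdd->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$bdd->exec('CREATE TABLE utilisateurs (
    ID_utilisateur INTEGER PRIMARY KEY,
    Pseudonyme TEXT UNIQUE NOT NULL,
    Mot_de_passe TEXT NOT NULL)');

// Registration: store the output of password_hash(), which embeds algorithm, cost and salt.
function register(PDO $bdd, string $pseudo, string $password): void
{
    $req = $bdd->prepare('INSERT INTO utilisateurs (Pseudonyme, Mot_de_passe) VALUES (:pseudo, :mdp)');
    $req->execute(['pseudo' => $pseudo, 'mdp' => password_hash($password, PASSWORD_DEFAULT)]);
}

// Login: look the row up by pseudonym only, then let password_verify() re-hash the
// submitted password with the salt stored inside the hash. Returns the user ID or null.
function login(PDO $bdd, string $pseudo, string $password): ?int
{
    $req = $bdd->prepare('SELECT ID_utilisateur, Mot_de_passe FROM utilisateurs WHERE Pseudonyme = :pseudo');
    $req->execute(['pseudo' => $pseudo]);
    $row = $req->fetch(PDO::FETCH_ASSOC);

    // Verify against a dummy hash for unknown users so both paths do the same work.
    static $dummy = null;
    $dummy ??= password_hash('constructed-dummy', PASSWORD_DEFAULT);
    $hash = $row ? $row['Mot_de_passe'] : $dummy;
    if (!password_verify($password, $hash) || !$row) {
        return null;
    }
    // Upgrade the stored hash when PASSWORD_DEFAULT or its cost changes.
    if (password_needs_rehash($hash, PASSWORD_DEFAULT)) {
        $upd = $bdd->prepare('UPDATE utilisateurs SET Mot_de_passe = :mdp WHERE ID_utilisateur = :id');
        $upd->execute(['mdp' => password_hash($password, PASSWORD_DEFAULT), 'id' => $row['ID_utilisateur']]);
    }
    return (int) $row['ID_utilisateur'];
}

register($bdd, 'alice', 'tere');            // constructed sample user
var_dump(login($bdd, 'alice', 'tere'));     // correct password
var_dump(login($bdd, 'alice', 'wrong'));    // wrong password
var_dump(login($bdd, 'nobody', 'tere'));    // unknown user
// Hashing the same password twice: the two salted hashes are compared for equality.
var_dump(password_hash('tere', PASSWORD_DEFAULT) === password_hash('tere', PASSWORD_DEFAULT));
```

In a web request, call session_start() before any output and session_regenerate_id(true) once login() returns a user ID.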