I have a problem with password_verify() , apparently it is not comparing the password and the hash, no matter what I do it always results in error, my code is as follows:
try{
$base = new PDO("mysql:host=localhost; dbname=usuarios","root","");
$base->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql="SELECT * FROM login WHERE usuario= :usuario";
$resultado=$base->prepare($sql);
$user=htmlentities(addslashes($_POST["userName"]));
$password=htmlentities(addslashes($_POST["userPassword"]));
$resultado->execute(array(":usuario"=>$user));
$registro=$resultado->fetch(PDO::FETCH_ASSOC);
if(password_verify($password, $registro['password'])){
if(isset($_POST["checkbox"])){
setcookie("nombre_usuario", $_POST["userName"], time()+86400);
session_start();
$_SESSION["sesion"]=$_POST["userName"];
header("location:usuarios_registrados.php");
}else{
session_start();
$_SESSION["sesion"]=$_POST["userName"];
header("location:usuarios_registrados.php");
}
}else{
echo "Error";
}
}catch(Exception $e){
die("Error " . $e->getLine() . $e->getMessage());
}
I tried using:
password_verify ($ _ POST ["userPassword"], $ registration ['password'])
This is how users register:
$usuario= $_POST["user"];
$contrasenia=password_hash($_POST["password"],PASSWORD_DEFAULT);
try{
$base=new PDO('mysql:host=localhost; dbname=usuarios', 'root', '');
$base->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$base->exec("SET CHARACTER SET utf8");
$sql="INSERT INTO login (usuario, password) VALUES (:usuario, :contrasenia)";
$resultado=$base->prepare($sql);
$resultado->execute(array(":usuario"=>$usuario, ":contrasenia"=>$contrasenia));
echo "Registro insertado";
$resultado->closeCursor();
}catch(Exception $e){
echo "Línea del error: " . $e->getLine();
}finally{
$base=null;
}
but it still does not work.