Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Why Password_Verify function Fails Here ?

Enoch AliEnoch Ali Member Posts: 2

Php Programmers,

Why is the password_verify failing on this script ?

<?php /* ERROR HANDLING */ declare(strict_types=1); ini_set('display_errors', '1'); ini_set('display_startup_errors', '1'); error_reporting(E_ALL); mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); if ($_SERVER['REQUEST_METHOD'] == "POST") { if (isset($_POST["login_username_or_email"]) && isset($_POST["login_password"])) { $username_or_email = trim($_POST["login_username_or_email"]); // $password = $_POST["login_password"]; $hashed_password = password_hash($password, PASSWORD_DEFAULT); //Select Username or Email to check against Mysql DB if they are already registered or not. $stmt = mysqli_stmt_init($conn); if(strpos("$username_or_email", "@) === true) { $email = $username_or_email; $username = "; $query = "SELECT ids, usernames, passwords, emails, accounts_activations_statuses FROM users WHERE emails = ?"; mysqli_stmt_init($stmt); $stmt = mysqli_prepare($conn, $query); mysqli_stmt_bind_param($stmt, 's', $email); mysqli_stmt_execute($stmt); $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status); } else { $username = $username_or_email; $email = ""; $query = "SELECT ids, usernames, passwords, emails, accounts_activations_statuses FROM users WHERE usernames = ?"; $stmt = mysqli_prepare($conn, $query); mysqli_stmt_bind_param($stmt, 's', $username); mysqli_stmt_execute($stmt); $result = mysqli_stmt_bind_result($stmt, $db_id, $db_username, $db_password, $db_email, $db_account_activation_status); } $row = mysqli_fetch_array($result, MYSQLI_ASSOC); mysqli_stmt_close($stmt); if ($result == false) { echo "Incorrect User Credentials 1 - (query result == FALSE on LINE 79! )!<br>"; exit(); } elseif ($row['accounts_activations_statuses'] == '0') { { echo "You have not activated your account yet! Check your email for instructions on how to activate it. Check your spam folder if you don't find an email from us."; exit(); } } else { echo "Else got triggered on LINE 98! - (query result = TRUE)!
";//This ELSE is getting triggered on the test. That means $result = TRUE; echo "Hash from db: $db_password
"; } if (password_verify($password, (string)$row['passwords'])==true) { $_SESSION["user"] = $username; header("location:home.php?user=$username"); } else { echo "Incorrect User Credentials 2! (Else got triggered on LINE 124. Stating: 'password_verify = FALSE');
"; exit(); } } } ?>

<!DOCTYPE html>

<?php $site_name?> Member Login Page


div class = "container">

<?php $site_name ?> Member Login Form


It fails to log me in with the correct password. Column name: passwords. And not "password" or "Password" or "Passwords" as some might suspect I done a typo in column name when I have not.


  • Enoch AliEnoch Ali Member Posts: 2


    Can you put the correct code tag in my original post ? Also, why has the html part of the code been truncated ?
    How can I attach the file (Note Pad++ instead ?).

  • Tyson BlairTyson Blair Member Posts: 35

    You do not seem to provide password_verify so we can not tell you why it seems to return false

Sign In or Register to comment.