php - Check phpass is correct on my existing login page
I'm trying to add phpass to my website, but no matter what I do I can't get the $check boolean to return true to let me log in. So far I've managed to encrypt the password and store it in the database, but checking against it is failing.
    <?php
    // Assumes $con (mysqli connection) and $hasher (phpass PasswordHash instance) are created earlier.
    if (isset($_POST['login'])) {
        $em = $_POST['email'];

        // Password from form input
        $pw = $_POST["password"];

        // Passwords should never be longer than 72 characters to prevent DoS attacks
        if (strlen($pw) > 72) { die("Password must be 72 characters or less"); }

        // Just in case the hash isn't found
        $stored_hash = "*";

        // Retrieve the hash that you stored earlier
        $stored_hash = "this hash stored earlier";

        // Check that the password is correct, returns a boolean
        $check = $hasher->CheckPassword($pw, $stored_hash);

        if ($check) {
            // Passwords matched! Show the account dashboard or something
            $result = $con->query("SELECT * FROM user WHERE email='$em' AND password='$pw'");
            $row = $result->fetch_array(MYSQLI_BOTH);
            session_start();
            $_SESSION["userid"] = $row['userid'];
            header('Location: account.php');
        } else {
            // Passwords didn't match, show an error
            header('Location: fail.php');
        }
    }

Because I've been trying to add this to an existing login, I wonder if I have excess code that's breaking it? Or maybe I messed something up. No matter what I try, when logging in the only thing that loads is header('Location: fail.php'); :| Thanks in advance!
Edit: Right, I have a register file that saves the hashed password to the database:
    // Assumes $con (mysqli connection) and $hasher (phpass PasswordHash instance) are created earlier.
    if (isset($_POST['register'])) {
        session_start();
        $fname = $_POST['first_name'];
        $lname = $_POST['last_name'];
        $email = $_POST['email'];

        // In this case, the password is retrieved from a form input
        $pw = $_POST["password"];

        // Passwords should never be longer than 72 characters to prevent DoS attacks
        if (strlen($pw) > 72) { die("Password must be 72 characters or less"); }

        // The $hash variable will contain the hash of the password
        $hash = $hasher->HashPassword($pw);

        if (strlen($hash) >= 20) {
            // Store the hash somewhere such as a database
            // (the tutorial only focuses on hashing passwords).
            // Bound parameters keep the form values out of the SQL text.
            $stmt = $con->prepare("INSERT INTO user (fname, lname, email, password) VALUES (?, ?, ?, ?)");
            $stmt->bind_param("ssss", $fname, $lname, $email, $hash);
            $stmt->execute();
        } else {
            // Something went wrong
        }

        // echo $hash; // debug output, disabled: output sent before header() can stop the redirect
        // $storepassword = password_hash($pw, PASSWORD_BCRYPT, array('cost' => 10));
        header('Location: login.php'); // redirect here
        exit;
    }

That is for when registering, and I wish to read the database, compare the password entered, etc.
How do I pull the info from the mysqli DB and compare it? And make it work?

This is the tutorial I'm following: https://sunnysingh.io/blog/secure-passwords
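    // Assumes $con (mysqli connection) and $hasher (phpass PasswordHash instance) are created earlier.
    if (isset($_POST['login'])) {
        $em = $_POST['email'];

        // Password from form input
        $pw = $_POST["password"];

        // Passwords should never be longer than 72 characters to prevent DoS attacks
        if (strlen($pw) > 72) { die("Password must be 72 characters or less"); }

        // Look the user up by e-mail only; the bound parameter keeps $em out of the SQL text
        $stmt = $con->prepare("SELECT * FROM user WHERE email = ?");
        $stmt->bind_param("s", $em);
        $stmt->execute();
        $result = $stmt->get_result(); // requires the mysqlnd driver
        $row = $result->fetch_array(MYSQLI_BOTH);

        if ($row) {
            // Check that the password is correct, returns a boolean
            $check = $hasher->CheckPassword($pw, $row['password']);
            if ($check) {
                // Passwords matched! Show the account dashboard or something
                session_start();
                $_SESSION["userid"] = $row['userid'];
                header('Location: account.php');
                exit;
            }
        }

        // Passwords didn't match, show an error
        header('Location: fail.php');
    }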
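
When CheckPassword() returns false for every login, the first thing to inspect is the value being compared against. The block below is an added example, not code from the original post or the tutorial: `diagnose_stored_hash` is a hypothetical helper, the sample values are constructed, and PHP's built-in password_hash()/password_verify() stand in for phpass so it runs without the library.

```php
<?php
// Added example: classify the value that is about to be passed to CheckPassword().
// The lengths are the fixed sizes of the hash formats phpass stores.
function diagnose_stored_hash(?string $stored): string
{
    if ($stored === null || $stored === '' || $stored === '*') {
        return 'missing';        // no row found, or the "*" error marker
    }
    // prefix => expected total length of a complete hash
    $formats = [
        '$2a$' => 60,            // bcrypt
        '$2y$' => 60,            // bcrypt (newer prefix)
        '$P$'  => 34,            // phpass portable hash
        '_'    => 20,            // extended DES
    ];
    foreach ($formats as $prefix => $length) {
        if (strncmp($stored, $prefix, strlen($prefix)) === 0) {
            return strlen($stored) === $length ? 'ok' : 'truncated';
        }
    }
    return 'not-a-hash';         // plaintext password or a placeholder string
}

// Constructed sample values. Built-in bcrypt stands in for phpass here (assumption).
$real = password_hash('correct horse', PASSWORD_BCRYPT, ['cost' => 10]);
$samples = [
    'placeholder from the question' => 'this hash stored earlier',
    'no row for that e-mail'        => '*',
    'hash cut by a VARCHAR(32)'     => substr($real, 0, 32),
    'intact bcrypt hash'            => $real,
];

foreach ($samples as $label => $value) {
    // Only the intact hash can ever verify; every other value fails for any password.
    printf(
        "%-30s %-11s verify=%s\n",
        $label,
        diagnose_stored_hash($value),
        var_export(password_verify('correct horse', $value), true)
    );
}
```

Logging the classification next to a failed login (never the password or the hash itself) separates a wrong password from a storage or lookup problem.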