Password Validation in Codeigniter |
Hi all I have this issue when I validate log in in codeigniter that seems it does not check the required password in my database.The required password in my database is hash using this
Code: $password_hash = password_hash($password, PASSWORD_BCRYPT); I'm also using this hash to test of it's ability and security also. the code in my log in view is: Code: <div class="container"> On my controller: Code: public function login(){ and on my Model: public function can_log_in(){ Code: $this->db->where('log_username', $this->input->post('username')); When I put username it validates the required username and the only problem is the password that whatever i put on the password it validated and redirect to specific page/views, it sounds crazy. A help and a little explanation would great help. What i'm trying to get here is to check if input password on the form is the same as in the database password. Example: form input password is abcd and on my database password is cdef. But when i put whatever password on the form . Example: form input password were ae,ui,ou the values are pass to controller and model and it redirects to specific page/views. (01-08-2018, 09:15 PM)lothux1987 Wrote: This doesn't make any sense ... It doesn't actually compare to a database field, the parameters passed to password_verify() are incorrect and the overall logic is incorrect. Read up how password_verify() works. You're supposed to fetch from the DB only by username, and then verify against the fetched hash. Questions about password_hash(), password_verify() are asked almost weekly on StackOverflow, a simple Google search should've given you all the help you need.
Solved it.
I was so totally dumb for not reading carefully what the use of password_verify() on PHP Manual. Well I finally get it right now. Here's my answer to my question an Updated One. Code: public function login(){ } This gives me headache but that was worth it and I'm happy for the outcome. Sorry about that mate.. |
Welcome Guest, Not a member yet? Register Sign In |