I am attempting to build a login feature but without a registration system. This presents an issue as I am not sure how to make hashing compatible between mysql and php.
My PHP code:
if (password_verify($upass, 'sha256') && $count == 1){
$_SESSION['userSession'] = $row['uid'];
header("Location:profilepage.php");
}
else {
//SPLOSIONS!!
}
$upass represents a POST on my form input, where users enter their given password.
My attempt at hashing password in MySQL:
UPDATE users SET `userpassword` = SHA2(`userpassword`, 256)
The userpassword matches my userpassword column on my database, which I have hashed with SHA2.
The problem here is that my password_verify code on PHP appears incompatible with my updated hashed password on MySQL. As a result I run into my else command, rather than the code I want.
Was wondering how to make my MySQL password column compatible with my PHP code, or vice versa, or if there is a more practical approach to this.
