This question already has an answer here:
ok, so i want to verify the hashed password stored in my database; however everytime i implement password_verify i get the white screen of death. But when i remove it and use a password that isnt hashed in the database the script works.
i turned on error reporting in both my config files and the script itself
<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL | E_STRICT);
session_start();
include('config.php');
// if($_SERVER["REQUEST_METHOD"] == "POST") {
// email and password sent from form
if (isset($_POST['email'])) {
//do something
$email = $_POST['email'];
$password = $_POST['password'];
}
if (isset($_POST['password'])) {
//$password = $_POST['password'];
//$password = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
$conn= new mysqli ("$DB_HOST", "$DB_USER", "$DB_PASSWORD","$DB_NAME");
$db="ship2two4_a53";
$sql = "SELECT * FROM usersdb WHERE email = '$email' AND password = '$password' ";
mysqli_select_db($conn,$db);
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result,MYSQLI_ASSOC);
$active = $row['active'];
$count = mysqli_num_rows($result);
// implode($row);
// If result matched $email and $password, table row must be 1 row
if($count==1) {
// session_register("email");
$_SESSION['email'] = $email;
}
if(password_verify( $_POST['password'] ,$password)){
header("Location:../sbAdmin/index.php");
}
else {
$error = "Your Login Name or Password is invalid";
}
mysqli_close($conn);
?>
i want the script to run and the user be sent to their dashboard
</div>
