My checkPassword() method returns false every time even though I know it is right. I used the same method for hashing/salting as I did for checking and I made sure everything is the way it should be but it still returns false. I'm using 'Bcrypt-PHP-Class' found here to hash everything https://github.com/cosenary/Bcrypt-PHP-Class Here is how I hashed the password:
$password = Bcrypt::hashPassword($_POST['password']);
Here is how I check the password:
$check = Bcrypt::checkPassword($password, $user['password']);
($user is an array of the user's information like username,password,email etc.) $check is still false even after checking that everything is exactly right. There are no errors either. Thanks in advanced to anyone who can help me out. Bcrypt methods:
public static function checkPassword($password, $storedHash) {
if (version_compare(PHP_VERSION, '5.3') < 0) {
throw new Exception('Bcrypt requires PHP 5.3 or above');
}
self::_validateIdentifier($storedHash);
$checkHash = crypt($password, $storedHash);
return ($checkHash === $storedHash);
}
public static function hashPassword($password, $workFactor = 0) {
if (version_compare(PHP_VERSION, '5.3') < 0) {
throw new Exception('Bcrypt requires PHP 5.3 or above');
}
$salt = self::_genSalt($workFactor);
return crypt($password, $salt);
}