This question already has an answer here:
I'm have a problem with php crypt() function, it generates a different passwords
here is the code for adding a test user to the database:
$hash = crypt('roms','rc');
$data = array('username' => 'roms', 'password' => $hash, 'email' => 'roms@r.c');
$this->db->insert('users',$data);
And here is the login function:
// user login function
public function userLogin($username, $password){
$results = $this->db->select('select * from users where username = :username',
array(':username'=>$username));
// print_r($results);
$pass = $results[0]->password;
// echo '<br>';
// echo crypt('roms','rc');
// echo '<br>';
// echo $password;
// echo '<br>';
// echo $pass;
if( (count($results) > 0) ){
//echo ">0";
if($pass == $password){
return true;
}
}
return false;
}
The result of the function: it works but never passes the if($pass == $password) condition because the passed hash is different than the one stored in the database
// print_r($results);
Array ( [0] => stdClass Object ( [id] => 7 [username] => roms [password] => rc7y3Ie22wNUQ [email] => roms@r.c ) )
// echo crypt('roms','rc'); (crypt the original password)
rc7y3Ie22wNUQ
// echo $password; (passed to the function)
rcKGHUlyQfgrU
// echo $results[0]->password; (from the database)
rc7y3Ie22wNUQ
And here is the login function call
if(isset($_POST['user-login'])){
$db = new DbHelpers();
$username = $_POST['username'];
$password = crypt($_POST['passowrd'],'rc');
$bool = $db->userLogin($username, $password);
if($bool){
//echo "<script>alert('1');</script>";
$_SESSION["username"] = $username;
\Helpers\Url::redirect('admin');
}else{
//echo "<script>alert('0');</script>";
$data['login-error'] = '1';
}
}
Note that I'm using simple mvc framework, it has a Password class for hashing passwords but I had the same problem when I used it. I also tried the md5 function.
</div>
