PHP password_hash(), password_verify()

Here is what I use for password_hash and password_verify. Try it out as written, you can then start adding in the rest of your code once successful.

Modify table and column name(s) to suit.

N.B.: This is a basic insertion method. I suggest you use prepared statements instead.

Sidenote: The password column needs to be long enough to accomodate the hash VARCHAR(255). Consult “Footnotes”.

INSERT file

<?php
$DB_HOST = 'xxx';
$DB_USER = 'xxx';
$DB_PASS = 'xxx';
$DB_NAME = 'xxx';

$conn = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
if($conn->connect_errno > 0) {
die('Connection failed [' . $conn->connect_error . ']');
}

$password = "rasmuslerdorf";
$first_name = "john";
$password = password_hash($password, PASSWORD_DEFAULT);

$sql = "INSERT INTO users (`name`, `password`) VALUES ('" .$first_name ."', '" .$password ."')";

    $query = mysqli_query($conn, $sql);
    if($query)

{
    echo "Success!";
}

else{
    // echo "Error";
    die('There was an error running the query [' . $conn->error . ']');
}

LOGIN file

<?php
// session_start();

$DB_HOST = 'xxx';
$DB_USER = 'xxx';
$DB_PASS = 'xxx';
$DB_NAME = 'xxx';

$conn = new mysqli($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
if($conn->connect_errno > 0) {
  die('Connection failed [' . $conn->connect_error . ']');
}

$pwd = "rasmuslerdorf";
$first_name = "john";

//$sql = "SELECT * FROM users WHERE id = 1";

        $sql = "SELECT * FROM users WHERE name='$first_name'";
        $result = $conn->query($sql);
        if ($result->num_rows === 1) {
            $row = $result->fetch_array(MYSQLI_ASSOC);
            if (password_verify($pwd, $row['password'])) {

                //Password matches, so create the session
                // $_SESSION['user'] = $row['user_id'];
                // header("Location: http://www.example.com/logged_in.php");

                echo "Match";

            }else{
                echo  "The username or password do not match";
            }

}

 mysqli_close($conn);

Footnotes:

The password column should be long enough to hold the hash. 72 long is what the hash produces in character length, yet the manual suggests 255.

Reference:

“Use the bcrypt algorithm (default as of PHP 5.5.0). Note that this constant is designed to change over time as new and stronger algorithms are added to PHP. For that reason, the length of the result from using this identifier can change over time. Therefore, it is recommended to store the result in a database column that can expand beyond 60 characters (255 characters would be a good choice).”

Related Posts:

  1. How to use PHP’s password_hash to hash and verify passwords
  2. PHP – exit or return which is better?
  3. Where to get php_mcrypt.dll for PHP 7.2?
  4. When do I use the PHP constant “PHP_EOL”?
  5. Using $this when not in object context in PHP
  6. PHP &$string – What does this mean?
  7. PHP – Failed to open stream : No such file or directory
  8. Simplest way to profile a PHP script
  9. Popup window in PHP?
  10. Subtract 1 day with PHP
  11. Warning: session_start(): Cannot send session cookie – headers already sent by (output started at [duplicate]
  12. PHP – Indirect modification of overloaded property
  13. Why is the response on localhost so slow?
  14. Getting an error when I visit http://localhost
  15. Manually create a pyspark dataframe
  16. Couchbase query using “\uefff” break the next conditional keys
  17. Parse error: syntax error, unexpected T_STRING in php
  18. decision tree in R error:fit is not a tree,just a root
  19. How to understand and use `` , in JavaFX?
  20. How to find the Target *.exe file of *.appref-ms
  21. pandoc document conversion failed with error 1 after update to R version 3.4.2
  22. How to display hexadecimal numbers in C?
  23. How to send to BCC address when using PHPMailer to format MIME message for Gmail API?
  24. Call to a member function on a non-object [duplicate]
  25. What is the meaning of %s, %1$s etc.? [closed]
  26. How to use update and delete query in wordpress
  27. Best way to extends core classes in theme?
  28. Change destination author link
  29. How can i create a function to get youtube video time
  30. Adding Featured Image to Post programatically
  31. Refresh page after update_post_meta
  32. Show only one post for each author ( Page loads too slow )
  33. WP database error for comments_popup_link()
  34. Add product tag names to WooCommerce new order email subject
  35. Unable to set right time in admin and frontend template
  36. Check if current page is wp-admin
  37. WordPress custom image size on custom field image
  38. List User order by ID in Descending order (Backend)
  39. Random order of WP_Query results with highest meta value
  40. hook that when page is starting to load
  41. Ajax category filtering products default show all
  42. How to exclude category ID from Looper in WordPress
  43. Custom user login page by creating a plugin
  44. Why ajax doesn’t work on certain wordpress hooks?
  45. Whitelisting items from custom options page
  46. multiple taxonomy select display only one in front end
  47. Display latest x posts from all categories in Custom Post Type/Taxonomy
  48. How to store options in an array
  49. Generate sidebar depending on height of post
  50. Error using WordPress $wpdb object to get result from custom table
  51. Sidebar not appearing in footer, but it appears everywhere else!
  52. How to create table in wordpress without plugin? [closed]
  53. Adding media upload button to User Profile page (following a tutorial)
  54. How do you create two separate Register pages?
  55. In WordPress, how do I get the number of posts next to single_cat_title(”); in the category.php file?
  56. Include only posts with meta key “add_in_rss” in RSS Feed
  57. Need help with Code Correction php+wordpress
  58. post_content is stripping HTML when adding a new post? [closed]
  59. Querying a custom post type, but not show duplicates
  60. get db values for external js file
  61. How to exclude a widget from W3 Total Cache Plugin
  62. How can i show pagenavi in my author.php?
  63. Displaying values from related field – if empty shows current post type’s link and title
  64. Creating on-page options for Custom Post Type
  65. What should I write in the post action of this front end post form?
  66. Plugin Admin panel checkbox unchecked after submit
  67. How to split AJAX response into two divs
  68. Payment field disappears on custom Paypal plugin
  69. Creating a brand attribute as a variable
  70. Illegal string offset in PHP function in via Theme Customizer
  71. save_post_product action not firing
  72. How to hide the file name of 404.php in URL?
  73. when hooking to pre_user_query my wordpress crashes when using very simple commands?
  74. Loop for recently (updated_post_meta) posts?
  75. I am having errors with checkout on wordpress
  76. How to retrieve quantity input field by id in woocommerce
  77. WordPress – display relationship between blog posts and custom posts
  78. How to use Multi SQL Database in WordPress?
  79. Help me understand how Search function works using dynamic_sidebar()
  80. How to display post meta bellow every posts
  81. Sudden Upload HTTP errors, PHP uploads and memory limits are already to high to my taste. Anything else?
  82. Handling form actions in WordPress
  83. PHP code printed into CSS classes
  84. Thumbnail wouldn’t scale to size properly
  85. How to change the product short description for each product with PHP?
  86. PHP script to redirect traffic based on website accessed
  87. How to remove title tag with this filter
  88. How to handle the structure of page/taxonomy/post without making wordpress get confused with the url
  89. Add two or multiple functions in WordPress Post or Page
  90. Can’t put a hyperlink on Featured Post’s Image
  91. special characters not supporting in wordpress
  92. Custom user roles doesn’t apply changes
  93. A Space being added to url generated by custom plugin
  94. Why this plugin is not working?
  95. get_post_meta is always empty when I use wp_mail
  96. Insert dynamic content into posts
  97. Too many if’s and else if’s ?? – Must be better way [closed]
  98. Query posts by custom taxonomy slug in WP REST API?
  99. oneOf JSON Schema validation not properly working for custom post meta value?
  100. Refresh server side rendered block in Gutenberg without changing attributes or its content

Leave a Comment