Using bcyrpt?

Jemz

xmas tings.
Aug 6, 2013
166
17
Can someone please tell me how bcrypt works, I was able to encrypt my data
PHP:
        require_once('bcrypt.inc.php');
        // And use the new password_hash() function to encrypt using bcrypt with a 10 cost
        $string = password_hash($string, PASSWORD_BCRYPT, array("cost" => 10));
        // Then return it to the calling function
        return $string;

However when it comes to logging in, the hash just keeps on changing so the hash never matches if you get what I mean.
 

Jemz

xmas tings.
Aug 6, 2013
166
17
Are you using the password_verify function?


Yes, I may of set it up wrong though obviously not very experienced.
PHP:
        require_once('bcrypt.inc.php');
   
        $username     = $core->clean( $username );
        $password     = $core->clean( $password );
        $hash           = $core->encrypt( $password );
        $password_ver = password_verify( $password, $hash );
   
        $query = $db->query("SELECT * FROM users WHERE username = '{$username}' AND password = '{$password_ver}'");
 

Weasel

👄 I'd intercept me
Nov 25, 2011
4,135
2,461
Hmm so how would I incorporate it in a query so it can log a user in ?
Get the hashed password from the database, and do a if statement with password_verify, if it returns true the password is correct, otherwise return an error.

If you are making something you want to release, I don't advice using those functions as not many people are already using PHP5.5.
 

Ollie

Member
Jan 7, 2013
72
11
Code:
require_once('bcrypt.inc.php');
 $username = $core->clean( $username );
$password = $core->clean( $password );
 $query = $db->query("SELECT * FROM users WHERE username = '{$username}' ");
$array = $db->assoc( $query );
if(password_verify($password, $array['password'])) {
//Log the user in
} else {

echo "Wrong password";

}

Seems like radiPanel structure.
 

Jemz

xmas tings.
Aug 6, 2013
166
17
Code:
require_once('bcrypt.inc.php');
$username = $core->clean( $username );
$password = $core->clean( $password );
$query = $db->query("SELECT * FROM users WHERE username = '{$username}' ");
$array = $db->assoc( $query );
if(password_verify($password, $array['password'])) {
//Log the user in
} else {

echo "Wrong password";

}

Seems like radiPanel structure.

That's because it is radipanel, securing it up a bit.
 

Ollie

Member
Jan 7, 2013
72
11
@Jemz If you do it let me know, I had a go the other other day lmao, but it broke re-direct for some reason.
Anyway im guessing this is for ThisBoon lol.
Im Ollie the guy that gave you YouBoons v2 lmao, just got a bent name on here.
 

Users who are viewing this thread

Top