I am new to normalizing databases and I am setting up a login page,
i have this code: and it doesnt work
$password = mysqli_real_escape_string($sql , $password);
$emailuser = mysqli_real_escape_string($sql , $emailuser);
$pwcheck = "
SELECT * FROM business AS p
INNER JOIN user_business_data
AS c ON p.id = c.id
WHERE username='$emailuser' OR email='$emailuser'";
$resultcheck = mysqli_query($sql , $pwcheck);
$rowcheck = mysqli_fetch_array($resultcheck , MYSQLI_ASSOC);
$hash = $rowcheck['password'];
$hash_pwd = password_verify($password , $hash);
if ($hash_pwd != 0) {
$_SESSION['username'] = $rowcheck['username'];
$_SESSION['logged'] = true;
header("refresh:0;url=blablabla.php");
}
As I mentioned in comments; the password column's length is too short and you need to start over with a new hash.
The column should be 60+.
what is the password column length then? that may be failing on you silently – Fred -ii-
works! Thanks :D I really didnt think about its length, @Fred-ii- haha! – guy
As per the manual on password_hash()
Therefore, it is recommended to store the result in a database column that can expand beyond 60 characters (255 characters would be a good choice).