2
I’m returning to the world of PHP after a long winter. I took an example of user registration that uses MD5 as encryption standard and now I’m struggling to log in a test user because I need to change the default to crypt (Blowfish).
Apparently, the password recording is working properly. I’ve even found that it starts with "$1$", which is the standard of Blowfish but, when I try to login this user, the password I am typing does not match the password that is in the BD (Mysql).
I’ve tried to adapt my code in every way and I can’t get it right.
Follow a snippet of the function I use to validate the password (still in MD5 default):
public function login($email,$upass)
{
try
{
$stmt = $this->conn->prepare("SELECT * FROM TBL_USERS WHERE EMAIL=:email_id");
$stmt->execute(array(":email_id"=>$email));
$userRow=$stmt->fetch(PDO::FETCH_ASSOC);
if($stmt->rowCount() == 1)
{
if($userRow['USER_STATUS']=="Y")
{
if($userRow['PASSWORD']==$upass)
{
$_SESSION['userSession'] = $userRow['USER_ID'];
return true;
}
else
{
header("Location: index.php?error");
exit;
}
}
else
{
header("Location: index.php?inactive");
exit;
}
}
else
{
header("Location: index.php?error");
exit;
}
}
catch(PDOException $ex)
{
echo $ex->getMessage();
}
}
Can anyone help me? Do they need any more data? I know the best way is to poke around and I’ve already managed to create the 99.999% of my site just by poking around and remembering... Only that question remains!
Thank you all!!!
I can help you, sir. Use the functions of the type password_
– Jorge B.