I'm storing a password in a database, like so:
public function add_user($username, $password){
$password = password_hash($password, PASSWORD_DEFAULT); //here
$this->query = $this->conn->prepare('INSERT INTO users (username, password) VALUES (:username, :password)');
$this->query->bindParam(':username', $username);
$this->query->bindParam(':password', $password);
$this->query->execute();
}
However, I am not sure how to retrieve it. I know of the function
password_verify($password, $hash)
But I am not sure how to use it. How do I use it to get a user from a database?
What's the best way for me to verify a password with the following code:
public function get_user($username, $password){
$this->query = $this->conn->prepare('SELECT * from users WHERE username=:username AND password=:password');
$this->query->bindParam(':username', $username);
$this->query->bindParam(':password', $password);
$this->query->execute();
$this->retrieve = $this->query->fetchAll(PDO::FETCH_ASSOC);
}
Any help or guidance would be great. The logic of this has confused me greatly.
See Question&Answers more detail:os