samedi 18 avril 2015

Compare hashed password to validate if passwords are matched

I use blowfish method to hash the passwords from the user when they're signing up.


In the signup form, there is "Enter Password" box and "Confirm Password" box.


So, to check if the passwords are matched, I used hashed versions to compare. But then, it doesn't seem to match.


Please see the code below...


get values from the super global variables and hash them.



$hashed_password = password_encrypt($_POST['password']);
$conf_hashed_password = password_encrypt($_POST['conf_password']);


call the function



 passwords_match_check($hashed_password, $conf_hashed_password);


Defined function



function passwords_match_check($hashed_pw, $conf_hashed_pw){
    global $errors;
    if($conf_hashed_pw != $hashed_pw){
        $errors['pws_no_match'] = "Passwords do not match";
    }


}


This code always says passwords do not match even if I do know passwords are same...


So, where I have gone wrong... ?


Is it OK, if I just used the values without hashing to compare ?


Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)