error with password_verify ()

Question

error with password_verify ()

Navigation

#1 by (0 votes)

0

Good afternoon I have a problem using password_verif() it is not verifying correctly to log in, it is falling straight into else with msg "bad password". could anyone help me?

Functions:

private function compararSenha($hash){
    return password_verify($this->getSenha(), $hash);
}

private function findEmail($campo){
    $consulta = parent::select($campo, 'funcionario', 'WHERE email = ?', 's', array($this->getEmail()));
    $result = $consulta->fetch_object();

    if($consulta->num_rows > 0){
        if($campo == 'senha'){
            return $result->senha;
        }else if($campo == 'email'){
            return true;
        }
    }else{
        return false;
    }

}

public function logar(){
    $msgResult = array();
    $resultSearchPass = $this->findEmail('senha');

    if($resultSearchPass){
        if($this->compararSenha($this->getSenha(), $resultSearchPass)){
            $consulta = parent::select('id', 'funcionario', 'WHERE email = ? AND senha = ?', 'ss', array($this->getEmail(), $this->getSenha()));
            $result = $consulta->fetch_object();

               if($consulta->num_rows > 0){
                    $_SESSION['idFuncionario'] = $result->id;
                    $_SESSION['logado'] = true;

                    $msgResult['tipo'] = 'success';
                    $msgResult['msg'] = "Login Efetuado com Sucesso!";
                    return json_encode($msgResult);
                }else{
                    $msgResult['tipo'] = 'error';
                    $msgResult['msg'] = 'Email ou Senha Incorretos!';
                    return json_encode($msgResult);
                }
            }else{
                $msgResult['tipo'] = 'error';
                $msgResult['msg'] = 'Senha Incorreta!';
                return json_encode($msgResult);
            }
        }else{
            $msgResult['tipo'] = 'error';
            $msgResult['msg'] = 'Email não Existe!';
            return json_encode($msgResult);
        }

    }

php hash password

asked by anonymous 07.12.2018 / 17:40

1 answer

How to print text in the same line in Python Duplicate bootgrid header and footer

score 0 · Accepted Answer

You are passing the wrong parameters to your method. Notice your method signature:

private function compararSenha($hash){
    return password_verify($this->getSenha(), $hash);
}

It only receives the hash , because the password is fetched on the object itself through the getSenha() method. So this method just needs to get the hash and nothing else.

However, in your code you call this method by passing two arguments, the password and the hash, and your function is using the password as a hash, and dropping $resultSearchPass .

To fix this problem simply change:

if ($this->compararSenha($this->getSenha(), $resultSearchPass)) {
    // ...
}

By:

if ($this->compararSenha($resultSearchPass)) {
    // ...
}