Good Night!
I use the PASSWORD_BCRYPT function to encrypt my passwords. When I use the code below:
//conteudo do pass.txt é: yW9ujS
$arquivo = fopen('/tmp/pass.txt','r+');
$linha = fgets($arquivo);
$senha = password_hash($linha, PASSWORD_BCRYPT, [cost => 12]);
echo "$senha";
Generate a Hash as expected. Except this Hash in the database and when I try to access my application with the user and password (yW9ujS) it says that the password is invalid.
If I use the command below:
//conteudo do pass.txt é: yW9ujS
$arquivo = "yW9ujS";
$senha = password_hash($arquivo, PASSWORD_BCRYPT, [cost => 12]);
echo "$senha";
A hash is generated and when I save this new hash in the database, I take an access test in the application, and the access happens.
It seems that when I use fopen, some "Trash" is added during the process and PASSWORD_BCRYPT ends up encrypting everything together and the hash ends up changing.
If I just send an echo to the $ line, the exact password that appears in the pass.txt file appears
$linha = fgets($arquivo);
Can anyone imagine what it can be?