compare password_hash and Security::generatePasswordHash($password) code example
Example 1: php hash password
include 'pdo.php';
$username = 'John';
$password = 'my secret password';
$hash = password_hash($password, PASSWORD_DEFAULT);
$query = 'INSERT INTO accounts (account_name, account_passwd) VALUES (:name, :passwd)';
$values = [':name' => $username, ':passwd' => $hash];
try
{
$res = $pdo->prepare($query);
$res->execute($values);
}
catch (PDOException $e)
{
echo 'Query error.';
die();
}
Example 2: php hash password
include 'pdo.php';
$login = FALSE;
$username = $_POST['username'];
$password = $_POST['password'];
$query = 'SELECT * FROM accounts WHERE (account_name = :name)';
$values = [':name' => $username];
try
{
$res = $pdo->prepare($query);
$res->execute($values);
}
catch (PDOException $e)
{
echo 'Query error.';
die();
}
$row = $res->fetch(PDO::FETCH_ASSOC);
if (is_array($row))
{
if (password_verify($password, $row['account_passwd']))
{
$login = TRUE;
}
}