Im building a login/register project in school(beginner) and I have got a little stuck. I managed to has/salt my users when they register. But when I want to verify their login info with the hashes/salt I cant manage to pull it off it seems.
My register code is:
$localhost="host";
$user="user";
$password="password";
$database="database";
$email =$_POST['email'];
$passwords =$_POST['passwords'];
$conn =new mysqli($localhost, $user, $password, $database);
$error =$conn->connect_error;
if($error){
$code = $conn->connect_errno;
die("Error: ($code) $error");
}
$email = mysqli_real_escape_string($conn, $_POST['email']);
$passwordFromPost = $_POST['passwords'];
$salt = password_hash($passwordFromPost, PASSWORD_BCRYPT);
$passwords = mysqli_real_escape_string($conn, $_POST['passwords']);
$sql = "INSERT INTO Users (email, passwords, salt)
VALUES('$email','$passwords','$salt')";
$result= $conn->query($sql);
$conn->close();
I read a little about it on another post here and I think I should be able to decrypt the pw with $passwordCorrect = password_verify("password", $hashPassword);
but im not sure how to implement it in a php code and make it verify the user. Any tips on what I should do as next step?