I've got a light application i'm putting together as I get myself started, and I'm a touch confused.
I've set my database column for passwords to be 255, and used the password_hash function to get a hash, which I inserted.
But now the following ALWAYS returns false;
if (isset($_POST[submit])) {
$link = mysqli_init();
$mysqli = new mysqli(DB_SERVER, DB_USER, DB_PASS, DB_DATABASE);
if ($conn->connect_error) {
echo "ERROR: Could not able to execute $sql. " . mysqli_error($link);
}
$username = $_POST['username'];
$password = $_POST['password'];
$query = $mysqli->prepare("SELECT * FROM `admins` WHERE `username` = (?)");
$query->bind_param('s', $username);
echo $mysqli->error;
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
print_r($result);
if (!$result) {
echo '<p class="error">Username password combination is wrong!</p>';
} else {
if (password_verify($password, $result['password'])) {
$_SESSION['user_id'] = $result['id'];
header('Location: results.php');
} else {
echo '<p class="error">Username password combination is wrong!</p>';
}
}
}
Its just a small login form, a username, a password field and a submit button, but no matter what I try, every solution here seems to mention a column length being 60, and should be 255, which mine is. Any help would be appreciated.
Edit; updated the snippet to show more... result isn't printing which means its not getting anything from what I can tell?