function sys_user_verify($userName, $userPassword) { if (!empty($userName) && !empty($userPassword)) { $userId = sys_user_getId($userName); if (!empty($userId)) { # read hashed password from database $dbPassword = password_hash("melol", PASSWORD_DEFAULT); if (password_verify($userPassword, $dbPassword)) { return TRUE; } } } return FALSE; }
function sys_user_verify($userName, $userPassword, $conexion) { if (!empty($userName) && !empty($userPassword)) { $userId = sys_user_getId($userName, $conexion); if (!empty($userId)) { # read hashed password from database $query = "SELECT userPass " . "FROM users " . "WHERE userId = ? " . "LIMIT 1 "; $stmt = $conexion->prepare($query); $stmt->bind_param('i', $userId); $stmt->execute(); $stmt->store_result(); $stmt->bind_result($db_password); //password de la bd $stmt->fetch(); if (password_verify($userPassword, $db_password)) { $_SESSION['userId'] = $userId; $_SESSION['userName'] = $userName; sys_session_create($conexion); return TRUE; } } } return FALSE; }