I am using cakephp 3.5 and i have a password change form in which i am entering old password and want to compare old entered password with one in database.
i am comparing like
$hasher = new DefaultPasswordHasher;
if($hasher->check($password , $hashedPasswordDb )){
echo “Password Compared”;
}else{
echo “Password Not Compared”;
}
but it always goes to false;
Are your sure your password is properly hashed in the database?
And is $hashedPasswordDb definitely a string, and not, for example, a query result object?
Yes i am preety sure it is hashed by Default password hasher in auth
and for auth i am follwing this https://trinitytuts.com/cakephp3-acl-implementation/
Please dump the entity of the user (you do not need to send it to us) and check it in there.
Then, as Zuluru said, make sure $hashedPasswordDb is a string, not a query result object.
Hi @sanjeevrouhan,
I use similar code in my programs and it works just perfectly. What I would suggest is this:
Ensure that both variables $password and $hashedPasswordDB actually contain the values they were meant to contain.
Do a debug of both variables just before the hash-check