I am using cakephp 3.5 and i have a password change form in which i am entering old password and want to compare old entered password with one in database.
i am comparing like
$hasher = new DefaultPasswordHasher;
if($hasher->check($password , $hashedPasswordDb )){
echo “Password Compared”;
}else{
echo “Password Not Compared”;
}
Please dump the entity of the user (you do not need to send it to us) and check it in there.
Then, as Zuluru said, make sure $hashedPasswordDb is a string, not a query result object.
I use similar code in my programs and it works just perfectly. What I would suggest is this:
Ensure that both variables $password and $hashedPasswordDB actually contain the values they were meant to contain.
Do a debug of both variables just before the hash-check