I know there are hundreds of questions like this, but I'm going crazy and I can't get it to work, the insert works perfectly.
I have an Android app with which I have a user registration and login. I am doing it with mysqli
Login code:
<?php
include 'DatabaseConfig.php' ;
$con = mysqli_connect($HostName,$HostUser,$HostPass,$DatabaseName);
$username = $_GET["username"];
$Sql_Query = "select id, username, password from usuarios where username = '$username'";
$result = mysqli_query($con,$Sql_Query);
$row = mysqli_fetch_assoc($result);
if(password_verify($_GET["password"], $row['password'])){
while($ro = mysqli_fetch_assoc($result)) {
$response[] = $ro;
}
}
else echo "failed to log in(invalid password)";
?>
Insert code just in case:
<?php
include 'DatabaseConfig.php' ;
$con = mysqli_connect($HostName,$HostUser,$HostPass,$DatabaseName);
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$Sql_Query = "insert into usuarios (username, password, email) values ('" . mysqli_real_escape_string($con, $username) . "', '" . mysqli_real_escape_string($con, $hashed_password) . "', '" . mysqli_real_escape_string($con, $email) . "')";
if(empty($username)){
$result["success"] = "0";
$result["message"] = "ERROR";
echo json_encode($result);
mysqli_close($con);
}
else{
if(mysqli_query($con,$Sql_Query)){
$result["success"] = "1";
$result["message"] = "Registration success";
echo json_encode($result);
mysqli_close($con);
}
else{
$result["success"] = "0";
$result["message"] = "error in Registration";
echo json_encode($result);
mysqli_close($con);
}
}
?>
The insert is perfect for me, in the database the password field is char(60) and the login after I print the data in json to be able to save them in android