0

I am using PHPass and the CheckPassword function is ALWAYS returning a false despite everything I have tried and tested. I am doing this for an older PHP version of 5.3 (unfortunately) so there must be a nuance I am missing?

Password Database Table Field Collation is utf8_general_ci (tried unicode too) and varchar length is 62

Tried: 

$hasher = new PasswordHash(8, false);
$hasher = new PasswordHash(30, false);
$hasher = new PasswordHash(8, true);

Using correct sytanx: 

if ($hasher->CheckPassword($password, $stored_hash)) { ... }

The correct variable contents are being sent. Changed in both creation/register and checkpassword/login scripts as well as emptied database and retried each time. Any idea why I am unable to get a correct match beyond that I have already tried would be helpful. Thanks!

TommyRay
  • 131
  • 8
  • Try doing it manually without using any database. – adi rohan Sep 07 '14 at 18:22
  • Manually within same script file it works fine, adi. Would this indicate the hash not saving to the database correctly? I'm getting records of around 32 characters for a hashed password being saved there. – TommyRay Sep 07 '14 at 20:02
  • That's why I was messing with the MySQL collation a bit to see if it made a difference. It's saved in the stated recommended varchar with enough length after a successful hash, so I am quite perplexed. Don't know why a separate script file would make a difference. (I confirm registration from an email link and continue before login is offered.) – TommyRay Sep 07 '14 at 21:46
  • 1
    UPDATE: I reconstructed the code from scratch and it works (?) Could have been arbitrary unseen but I basically cut and pasted the main aspects without any validation/filtering. Therefore it's NOT in how CheckPassword is working nor in the data read in by posted form nor database hash. It was the actual saving TO the Database, as I tested on the other accounts previous and still returned false. Time for a break, I will need to re-write the rest of it in and if I find the real culprit I will post my result along with other useful info I came across in my couple days of research here. Thanx! – TommyRay Sep 08 '14 at 21:18

0 Answers0