I am still new to PHP. I tried Mr. Andrew Moore's method. The password wasn't matching. I tried playing with Andrew Liu's code and the answers from the post. When I try to var_dump I am not getting true or false. I am not sure what I am doing wrong. Can someone please let me know?
$bcrypt = new Bcrypt(15);
$username = sanitize($username);
$password = $_POST['password'];
DEFINE('DB_USER', 'root');
DEFINE('DB_PASSWORD', 'password');
DEFINE('DB_HOST', 'localhost');
DEFINE('DB_NAME', 'users');
$dbh = @mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$check_username = $dbh->prepare("SELECT password FROM user WHERE username= '$username'");
$check_username -> execute(array($username));
while($row = $check_username->fetch(PDO::FETCH_ASSOC)){
$check_password = $row['password'];
$isGood = $bcrypt->verify($password, $check_password);
var_dump($isGood);
}
var_dumpthen?var_dump($row)