...
 
Commits (2)
......@@ -26,8 +26,7 @@
$found = FALSE;
if ($result != NULL){
while ((!$found) and ($row = $result->fetch_assoc())) {
// echo $row["username"], " ", $row["password"];
if (($row["username"] == $username) and ($password == $row["password"])){
if (($row["username"] == $username) and (password_verify($password, $row["password"]))) {
$found = TRUE;
}
}
......
......@@ -23,7 +23,8 @@
$sql_query = 'INSERT INTO user (name, username, password, email, address, phone, profile_picture)
VALUES (?, ?, ?, ?, ?, ?, "null")';
if ($stmt = $conn->prepare($sql_query)) {
$stmt->bind_param("ssssss", $name, $username, $password, $email, $address, $phonenumber);
$encrypted_password = password_hash($password, PASSWORD_BCRYPT);
$stmt->bind_param("ssssss", $name, $username, $encrypted_password, $email, $address, $phonenumber);
$stmt->execute();
$stmt->close();
}
......