I've been following an article on a website, trying to create a login in page and connect it to a database I've created in MySQL. I followed the article fairly well and tweaked it where I needed to, but I keep getting the same message error as above when I try to login with a user I registered.
I checked the code on the website I was referencing from over and over to see if I misspelled anything but there were no errors. I equally searched and found similar problems but still couldn't find the solution to mine. Here is the link to the website I was following if it's needed. (https://dzone.com/articles/ceate-a-login-system-using-html-php-and-mysql) I'm still a beginner in php and MySQL so I may be missing something. any help is appreciated. Here is the code for the server side of the login.
$error = '';
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['submitlog'])) {
$username = trim($_POST['username']);
$password = trim($_POST['password']);
//validate if username is empty
if (empty($username)) {
$error .= '<p class="error">Please enter username.</p>';
}
//validate if password is empty
if (empty($password)) {
$error .= '<p class="error">Please enter your password.</p>';
}
if (empty($error)) {
if($query = $db->prepare("SELECT * FROM users WHERE username = ?")) {
$query->bind_param('s', $username);
$query->execute();
$row = $query->fetch();
if ($row) {
if(password_verify($password, $row['password'])) {
$_SESSION["userid"] = $row['id'];
$_SESSION["user"] = $row;
//redirect the user to welcome page
header("location: ./department1.php");
exit;
} else {
$error .= '<p class="error">The password is not valid.</p>';
}
} else {
$error .= '<p class="error">No User exist with that username.</p>';
}
}
$query->close();
}
//close connection
mysqli_close($db);
}
my php points at the following line of code that with the problem
if(password_verify($password, $row['password'])) {
please let me know if any other script is needed and I will provide it. I don't want to populate the whole place with all the other scripts.
