问题
<?php
$hash = password_hash("rasmuslerdorf", PASSWORD_DEFAULT);
echo $hash;
if (password_verify('rasmuslerdorf', $hash)) {
echo 'Password is valid!';
} else {
echo 'Invalid password.';
}
?>
Above is my code on hashing password using bcrypt. Everytime I refresh my browser, the $hash returns different results, which I think it's normal because crypt() function does that too.
However, I don't understand why the result returns 'Invalid Password' when comparing using password_verify() function. I'm not sure what I'm doing wrong because I'm following the guide here How do you use bcrypt for hashing passwords in PHP? using this library : https://github.com/ircmaxell/password_compat
My php version is 5.4.x... I've included the password_compat library.
来源:https://stackoverflow.com/questions/24927837/password-verify-returns-false-using-password-compat-library