PHP SHA256
echo hash('sha256', $_POST['ppasscode']);
Raising Star
echo hash('sha256', $_POST['ppasscode']);$signature = hash_hmac('sha256', "some string", "some secret");echo hash('sha256', 'some string');$hash = hash('sha256', 'hello, world!');
var_dump($hash);
$password = 'test123';
/*
Always use salt for security reasons.
I'm using the BCRYPT algorithm use any valid one you like.
*/
$options['salt'] = 'usesomesillystringforsalt';
$options['cost'] = 3;
echo password_hash($password, PASSWORD_BCRYPT, $options)Could this be a typo? (two Ps in ppasscode, intended?)
$_POST['ppasscode'];
I would make sure and do:
print_r($_POST);
and make sure the data is accurate there, and then echo out what it should look like:
echo hash('sha256', $_POST['ppasscode']);
Compare this output to what you have in the database (manually). By doing this you're exploring your possible points of failure:
Getting password from form
hashing the password
stored password
comparison of the two.