Solved thread

This post is marked as solved. If you think the information contained on this thread must be part of the official documentation, please contribute submitting a pull request to its repository.

Why $this->security->checkHash function unable work

pls check below logincheck function for $this->security->checkHash,why unable get value for $res.

public function logincheckAction(){ if($this->request->isPost()) { $name = $this->request->getPost("name"); $password = $this->request->getPost("password"); $user =Users::findFirstByName($name); echo $user->password."<br/>"; echo $password;

        $res=$this->security->checkHash($password, $user->password) ;
        echo $res;


    }    
}
edited Jun '16

public function logincheckAction(){ if($this->request->isPost()) { $name = $this->request->getPost("name"); $password = $this->request->getPost("password"); $user =Users::findFirstByName($name); echo $user->password."<br/>"; echo $password;

        echo $this->security->checkHash($password, $user->password);



    }    
}

How exactly checkHash unable to work?

  • maybe User not exist in DB?
  • checkHash doesn't exist? - do you have services "security"?
public function logincheckAction(){
    if ($this->request->isPost()) {
        $name = $this->request->getPost("name");
        $password = $this->request->getPost("password");

        // I prefer to use form validation but ok, let's do this simply
        if (!empty($name) && !empty($password)) {
            $user = Users::findFirstByLogin($login);
            if ($user) {
                if ($this->security->checkHash($password, $user->password)) {
                    // Login success
                } else {
                    // Pasword not equal
                }
            } else {
                // User not found
            }
        } else {
            // Username or password can't be empty
        }
    }    
}

https://docs.phalconphp.com/en/latest/reference/security.html

Hi Kostya

I have test the exist user in DB,but unable to login system,and i have set services "security" in Public/index.php.

so i test the return value for function checkHash, is it boolean,right? but in result test, there is no any value get..

Hi Kostya,

i have set service "security" in Public/index.php as below code:

$di->setShared('security',function(){ $security = new Security(); $security->setWorkFactor(12); $security->setDefaultHash(Security::CRYPTBLOWFISHY); return $security; });

edited Jun '16

Hi!

  1. i have error in my code:
...
$user = Users::findFirstByLogin($login);  // wrong
$user = Users::findFirstByLogin($name); // correct
...
  1. try use vardump not echo and add die in end of action for to see output of vardump
...
var_dump($this->security->checkHash($password, $user->password));
die;
...


2.1k
Accepted
answer

Hi Kostya, I have found the root cause,DB hash require minimum varchar(60),but my DB password field is varchar(50),so i have changed,it is OK now,thanks for your great support on this.