I am using phpass for password encryption. When I am adding a user the password is getting hashed and being stored in the database. But when I try logging with the user credentials stored in the database checkpassword returns an empty string. Below given is the code I am using for checking the passwords.
function PackageAccess($username,$password)
{
$db = new mysqli(DB_SERVER,DB_USER,DB_PASSWORD,DB_NAME) or die("Could not Connect");
$hasher = new PasswordHash(8,FALSE);
$accessvalue = 0;
$query = "select passwrd from usermaster where username=?";
if ($stmt=$db->prepare($query))
{
$stmt->bind_param("s",$username);
$stmt->execute();
$stmt->bind_result($a);
while($stmt->fetch())
{
if($hasher->CheckPassword($password,$a))
{
$accessvalue = 1;
}
else
{
$accessvalue = 0;
}
}
$stmt->close();
}
$db->close();
$hasher = null;
return $accessvalue;
}
This code always gives me an empty string and neither true nor false. Hoping somebody can throw some light on this.
