Here's the code I have, but I'm confused when it comes to hashing passwords using Bcrypt:
<?php
session_start();
include_once('bcrypt.php');
$db_host = 'localhost';
$db_user = '';
$db_pass = '';
$db_name = 'credentials';
if (!isset($_POST['userName']))
{
echo 'You did not enter a valid username.';
exit;
}
if (!isset($_POST['pass']))
{
echo 'You did not enter a valid password.';
exit;
}
$con = new mysqli($db_host, $db_user, $db_pass, $db_name);
if ($con->connect_error)
{
die('Connect Error (' . $con->connect_errno . ') ' . $con->connect_error);
}
$sql = "SELECT userName, pass FROM `Members` WHERE userName = ?";
if (!$result = $con->prepare($sql))
{
die('Query failed: (' . $con->errno . ') ' . $con->error);
}
if (!$result->bind_param('s', $_POST['userName']))
{
die('Binding parameters failed: (' . $result->errno . ') ' . $result->error);
}
if (!$result->execute())
{
die('Execute failed: (' . $result->errno . ') ' . $result->error);
}
$result->store_result();
if ($result->num_rows == 0)
{
die('There is no such username in our database.');
}
$result->bind_result($db_username, $db_password);
$result->fetch();
$result->close();
$con->close();
$bcrypt = new Bcrypt(15);
if ($bcrypt->verify($pass, $db_password))
{
$_SESSION['userName'] = $db_username;
header('location:index.html');
exit;
}
else
{
echo 'Incorrect username or password.';
}
Here is the error I'm getting after I click the submit button to login:
Warning: include_once(bcrypt.php): failed to open stream: No such file or
directory in C:\Users\Julian Buscema\Desktop\Subpost.me\htdocs\connectivity-
login.php on line 3
Warning: include_once(): Failed opening 'bcrypt.php' for inclusion
(include_path='.;C:\Users\Julian Buscema\Desktop\Subpost.me\php\PEAR') in
C:\Users\Julian Buscema\Desktop\Subpost.me\htdocs\connectivity-login.php on line 3
You did not enter a valid username.
I belive I'm missing bcrypt.php but I've never worked with Bcrypt so I'm not too sure where to go from here.
The problem is with your include file, bcrypt.php is missing from your root directory , you do not need to use Bcrypt like this because Bcrypt is already implemented in php and you can use a function instead.