I get a PHP Error and returning empty body on hurl.it. Im trying to hash the password of existing users in my DB.
using user_id as POST and update it to my DB in a new created column
// Create connection
$con = mysqli_connect($dbPath,$dbUserName,$dbPassword,$dbSchema);
// Check connection
if (mysqli_connect_errno()) {
$error = "DB connection error";
}
$user_id = $_POST['user_id'];
//exisitng password
$sql = mysqli_query($con, "SELECT password FROM user_table
WHERE user_id = '$user_id'");
if(!$sql) $error = "SELECT user_table error";
$i=0;
while($result = mysqli_fetch_assoc($sql)){
$hash[$i] = $result;
if($hash[$i]) {
$check_hash = password_hash($hash[$i], PASSWORD_DEFAULT);
//store into DB
$result2 = mysqli_query($con, "INSERT INTO user_table (password_secure) VALUES ('$check_hash')");
}
$i++;
}
if(!$result2) $error = "INSERT user_table error";
// Set returns
if (!$error) $status = "successful";
There are many problems in your code, but the main culprit is the fact that you use INSERT when you should really be using UPDATE:
UPDATE user_table SET password_secure=? WHERE user_id=?
$result will be an array, because you're using mysqli_fetch_assoc() so you're trying to hash an array
$password = $result['password'];
if($password){
$check_hash = password_hash($password, PASSWORD_DEFAULT);