sdotsen

bingo! that’s all i needed to know. I’m sitting here playing w/ the functions and I get a completely different hash each time! thanks for the clarification. i’ll play with it a little more.

So my assumption with pulling it from the DB first is correct?

I get what you’re saying and I just tried the code you put up just now and the hash DOESN’T match what’s in the database!

If i keep refreshing the page, I get a new hash, so how could it possibly match what’s in the DB table?

this is all new to me and I’m trying to understand this whole concept of “hashing.” I used what you posted above, plugging in my password and what it displayed on the screen doesn’t equal what’s in my db table. I’m used to authenticating against md5 hashes.

Where do I get this value from?
“$hash = ‘hash of the password from the database’;”

Do I have to pull the hash out of the DB first and then compare it against what the user inputs?