I have been working on a website, (one of my first) and I have ran into a problem with the passwords. I found the below code to encrypt a password, which is what gets stored in the data base. I assumed that when the user enters his or her username and password, I could simply grab the password, do the same thing with it, compare that with what is in the database and it would be the same encrypted string, but it is not.
How can I do this? I don't have to use the code below to encrypt the password. I am sure there are many ways.
$cost = 10;
$salt = strtr(base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM)), '+', '.');
$salt = sprintf("$2a$%02d$", $cost) . $salt;
$password = crypt($password, $salt);