here is the site http://www.openwall.com/phpass/
whoever is familiar with this class, my question is this
i'll be using the class found on that page to hash the password for members. the code declaration looks something like this
require_once("password.hash.php");
$blowfish = new PasswordHash(8, FALSE);
$blowfish->HashPassword($_POST['password']);
i noticed that when the password is entered in a textfield say i enter the password "sarmenhb" the hash that gets created doesnt stay the same where if i did it with md5. i noticed the password keeps changing everytime i enter sarmenhb.
how would i check to see if the password entered by the user matches against what is in the database??
i tried this
$blowfish->checkpassword($_POST['password'],"password in db");
but nothing shows up the screen is blank.
im doing this in testing that is why the fields arent escaped i just want to see if it works. but im getting no results... is there an alternative??
ps: im not doing this for wordpress its just locally on my own mvc.
=================================================== update:
i tried this
include("classes/hash.class.php");
$sec = new PasswordHash(8, FALSE);
$correct = "sarmenhb";
//pass generated from $sec->HashPassword($correct);
$hash = "\$P$\BeJb51gIUh8Qmb1DAW.Hkt1I4gnm2C1";
$check = $sec->CheckPassword($correct, $hash);
if($check) { print "correct"; }
else { print "incorrect"; }
and when i run it the output keeps showing incorrect.