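prepare($sql);
        $stmt->bind_param('s', $username);
        $stmt->execute();
        $user = array();
        if ($result = $stmt->get_result()){
            while ($obj = $result->fetch_assoc()){
                $user = [
                    'password' => $obj['password'],
                    'unique_id' => $obj['unique_id'],
                ];
            }
        }
        # NOTE(review): this is the tail of a function whose start is outside this excerpt;
        # its code is reproduced unchanged. password_verify() runs only when a row was found,
        # so an unknown username returns faster than a wrong password for a known one.
        if ($user and password_verify($password, $user['password'])){
            return $user['unique_id'];
        }
        return false;
    } catch(Throwable $t) {
        # Could be Error/Exception classes, that are both Throwable
        # NOTE(review): getTrace() returns an array, so the concatenation below logs the
        # literal text "Array"; getTraceAsString() yields the readable trace.
        $errorMessage = "Throwable: ".$t->getCode().": ".$t->getMessage()."\n".
            "Line number ".$t->getLine()." in file ".$t->getFile()."\n".
            "Stack Trace: ". $t->getTrace()."\n".
            date('Y-m-d h:i:s A');
        # NOTE(review): message type 0 writes to PHP's configured error log; it does not send mail.
        error_log($errorMessage, 0); # Email to the admin
        # Callers must compare strictly: NULL (internal error) and false (bad credentials) are both falsy.
        return NULL;
    }
}

/**
 * Register a new account and return the unique id stored for it.
 *
 * The username lookup and the INSERT both use prepared statements with bound
 * parameters, so the caller-supplied values never become part of the SQL text.
 *
 * @param mixed  $conn            Database handle exposing prepare(); used here with
 *                                bind_param()/store_result()/num_rows, i.e. a mysqli-style API.
 * @param string $username        Requested username.
 * @param string $password        Plain-text password chosen by the user.
 * @param string $password_repeat Confirmation copy of the password.
 *
 * @return string|false The new unique id on success; false when the input is empty or
 *                      not a string, the passwords differ, the username is already
 *                      taken, or a statement could not be prepared or executed.
 */
function registerUser($conn, $username, $password, $password_repeat){
    // Reject empty or non-string credentials up front: an empty password would otherwise
    // be hashed and stored as a valid login, and a non-string value (e.g. an array taken
    // from request data) would make password_hash() fail with a type error.
    if (!is_string($username) || !is_string($password) || $username === '' || $password === ''){
        return false;
    }

    // Both passwords must match
    if ($password !== $password_repeat){
        return false;
    }

    // First check if the username is taken.
    $lookup = $conn->prepare("SELECT 1 FROM user WHERE username = ?");
    if ($lookup === false){
        // prepare() returns false when the driver reports errors without throwing.
        return false;
    }
    $lookup->bind_param('s', $username);
    if (!$lookup->execute()){
        // Fail closed: a failed lookup must not be read as "username is free".
        $lookup->close();
        return false;
    }
    $lookup->store_result();
    $usernameTaken = $lookup->num_rows > 0;
    $lookup->close();
    if ($usernameTaken){
        return false;
    }

    // Hash and Secure password with a salt.
    // https://www.php.net/manual/en/function.password-hash.php
    // Note: bcrypt only considers the first 72 bytes of the password.
    $passwordHash = password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);
    if (!is_string($passwordHash)){
        return false;
    }

    // needs a unique id also for cookies, uniqID, with a hash appended
    $uniqueId = generateUniqueId();

    // Now add the user details to the DB
    // NOTE(review): the check above and this INSERT are two separate statements, so two
    // concurrent registrations can both pass the check; a UNIQUE constraint on
    // user.username is needed to close that gap - confirm the schema has one.
    $insert = $conn->prepare("INSERT INTO user (username, password, unique_id) VALUES (?, ?, ?)");
    if ($insert === false){
        return false;
    }
    $insert->bind_param('sss', $username, $passwordHash, $uniqueId);
    $inserted = $insert->execute();
    $insert->close();

    return $inserted ? $uniqueId : false;
}

/**
 * Build the per-user unique id.
 *
 * The id is handed back by the login code and, per the comment in registerUser(),
 * is also used for cookies, so it has to be unguessable. uniqid() is derived from
 * the current time and mt_rand() is not a cryptographically secure generator, so
 * the random part now comes from random_bytes(). The layout is unchanged:
 * 13 hex characters from uniqid(), an underscore, then 32 hex characters.
 *
 * @return string Identifier of the form "<uniqid>_<32 hex chars>".
 *
 * @throws Exception When no suitable source of randomness is available.
 */
function generateUniqueId(){
    return uniqid() . '_' . bin2hex(random_bytes(16));
}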