Welcome to the Treehouse Community

Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.

Start your free trial

PHP PHP User Authentication Adding Authentication to Your Application Password Hashing

Posted by Seo Park
Seo Park
1,346 Points

I don't know whats wrong.

If I add path it will still display error please help

index.php 
<?php
function newPasswordValid($userPassword, $currPassword, $newPassword, $confirmNewPassword){

$currPassword = request()->get('current_password');
$newPassword = request()->get('password');
$confirmPassword = request()->get('confirm_password');
}

1 Answer

Corey Cramer
Corey Cramer
9,453 Points

Because we are writing a function we should depend on the variables being passed into it as opposed to trying to fetch them inside of the function by accessing the request directly. Operating on that premise we compare the current password to the one the user supplied in the form to make sure they match and we make sure that their new password matches the confirmation box. If both of those pass, we return a new hashed password to store otherwise we return false.

<?php

function newPasswordValid($userPassword, $currPassword, $newPassword, $confirmNewPassword) {
    if (password_verify($currPassword, $userPassword) &&
        $newPassword == $confirmNewPassword)
    {
      return password_hash($newPassword, PASSWORD_DEFAULT);
    }

    return false;
}