When v1.39h was upgraded to 1.57c, the customers_password entries in the DB were also upgraded
Given that our Server PHP = 5.6, the passwords should be upgraded by the php password_hash() right?
More specifically: password_hash($plain, PASSWORD_DEFAULT)
However, a separate utility which accesses the DB to validate customers, fails because it gets a different result.
password_hash($entered_password, PASSWORD_DEFAULT) does not match $customers_password in the DB
When I display the two long strings, they both start the same $2y$10$..... but after that, they are different.
Was the DB not upgraded with the php password_hash() function?
Bookmarks