I'm having difficulty figuring out why user password hashing is not working.The way I do this is the normal method, where upon registration I create a randam salt and combine with password and store, but when I try to match the passwords for the login, they're failing 
\[code\]<?phpclass Model_users extends ModelType_DatabasePDO{ //... public function CheckCredentials($username,$password) { $statement = $this->prepare('SELECT user_id,user_salt,user_password FROM users WHERE user_username = :u'); $statement->bindValue(':u',$username); if($statement->execute()) { $user_data = http://stackoverflow.com/questions/3560026/$statement->fetch(PDO::FETCH_OBJ); //Create a new hash with salt $combined = $this->CombineHash($password,$user_data->user_salt); //Check the combination is correct! if($combined == $user_data->user_password) { return true; } var_dump($user_data->user_salt,$combined); return false; } return false; } //... public function AddUser($userdata) { if($userdata['username'] && $userdata['password'] && $userdata['email'] && $userdata['nickname']) { $statement = $this->prepare('INSERT INTO users (user_username,user_password,user_salt,user_email,user_nickname) VALUES 
username,
assword,:salt,:email,:nickname)'); //Generate hashes $salt = $this->GenerateSalt(); $password = $this->CombineHash($userdate['password'],$salt); //Generate Data block for insert $data = http://stackoverflow.com/questions/3560026/array(':username' => $userdata['username'], 'assword' => $password, ':salt' => $salt, ':email' => $userdata['email'], ':nickname' => $userdata['nickname'] ); if($statement->execute($data)) { return true; } } return false; } private function GenerateSalt() { //Create a random md5 string: $first = md5( rand(0,100) . time() . microtime() . uniqid() ); $second = md5( rand(0,100) . time() . microtime() . uniqid() ); for($i=0;$i<=32;$i++) { $string = ''; if($i % 2) { $string .= $first[$i]; }else { $string .= $second[$i]; } } return md5($string); } private function CombineHash($password,$hash) { return md5($password . $hash); }}?>\[/code\]All variables passed into the methods are raw and not salted or encrypted but merely validated :/Regards
\[code\]<?phpclass Model_users extends ModelType_DatabasePDO{ //... public function CheckCredentials($username,$password) { $statement = $this->prepare('SELECT user_id,user_salt,user_password FROM users WHERE user_username = :u'); $statement->bindValue(':u',$username); if($statement->execute()) { $user_data = http://stackoverflow.com/questions/3560026/$statement->fetch(PDO::FETCH_OBJ); //Create a new hash with salt $combined = $this->CombineHash($password,$user_data->user_salt); //Check the combination is correct! if($combined == $user_data->user_password) { return true; } var_dump($user_data->user_salt,$combined); return false; } return false; } //... public function AddUser($userdata) { if($userdata['username'] && $userdata['password'] && $userdata['email'] && $userdata['nickname']) { $statement = $this->prepare('INSERT INTO users (user_username,user_password,user_salt,user_email,user_nickname) VALUES username,assword,:salt,:email,:nickname)'); //Generate hashes $salt = $this->GenerateSalt(); $password = $this->CombineHash($userdate['password'],$salt); //Generate Data block for insert $data = http://stackoverflow.com/questions/3560026/array(':username' => $userdata['username'], 'assword' => $password, ':salt' => $salt, ':email' => $userdata['email'], ':nickname' => $userdata['nickname'] ); if($statement->execute($data)) { return true; } } return false; } private function GenerateSalt() { //Create a random md5 string: $first = md5( rand(0,100) . time() . microtime() . uniqid() ); $second = md5( rand(0,100) . time() . microtime() . uniqid() ); for($i=0;$i<=32;$i++) { $string = ''; if($i % 2) { $string .= $first[$i]; }else { $string .= $second[$i]; } } return md5($string); } private function CombineHash($password,$hash) { return md5($password . $hash); }}?>\[/code\]All variables passed into the methods are raw and not salted or encrypted but merely validated :/Regards