Authenticating a user using mysqli and password_verify()


That's extremely popular question on various forums and Stack Overflow. An at the same time it's a very good example that can show you how to use Mysqli properly.

First of all make sure that your passwords are stored in the database using password_hash() function.

$stmt $link->prepare("SELECT * FROM users WHERE email = ?");
$user $stmt->get_result()->fetch_assoc();

if (
$user && password_verify($_POST['pass'], $user['pass']))
} else {

Related articles: