password_verify() function always return false issue [closed]

this is my file where the login happens

$sql = 'SELECT * FROM users_back WHERE uidUsers =? OR emailUsers = ?';
        $stmt = $pdo->prepare($sql);
        $resut = $stmt->fetch(PDO::FETCH_ASSOC);
        if($row = $resut){
                $passcheck = password_verify($pass,$row['pwdUsers']);
                if($passcheck == false){
                else if($passcheck == true){
                    $_SESSION['userId'] = $row['idUsers'];
                    $_SESSION['userUId'] = $row['uidUsers'];


and this is my file which is supposed to change the password if the user forgot his password

$tokenEmail = $row['pwdResetEmail'];
            $sql = 'SELECT * FROM users_back WHERE emailUsers = ?';
            $stmt = $pdo->prepare($sql);
            $result = $stmt->fetch(PDO::FETCH_ASSOC);
            if(!$row = $result){
                echo 'there was an error!';
               $sql = 'UPDATE users_back SET pwdUsers=? WHERE emailUsers=?';
                $hashedpass = password_hash($pass,PASSWORD_DEFAULT);
                $stmt = $pdo->prepare($sql);

if I create a new user from the sign-up page, the password_verify() function returns the correct value but the problem is when I changed the password from the page, the password_verify() function always returns false even the password is true. *notice: -My database column which has a password value is LONGTEXT so it’s allowed to has the full hashed password. -I used tokens to reset the password.


I think, you have logic error in first script, in line $stmt->execute([$username,$pass]);. Because you have emailUsers = $pass in sql, its not right.

Please try $stmt->execute([$username,$username]);