
I have a problem generating Bcrypt passwords. Instead of typing them manually in the hash variable and if statement, I would like to generate them from an HTML form. I am not sure how to do that.

    <?php
    /* in the if statement make sure that the password is the same as in hash variable */
    $options = array('cost' => 12);
    echo "Bcrypt: ";
    echo $hash = password_hash("yourpassword", PASSWORD_BCRYPT, $options);
    echo "<br>";
    echo "Verify now:<br>";
    if (password_verify('yourpassword', $hash)) {
        echo 'Password is valid!';
    } else {
        echo 'Invalid password.';
    }
    ?>
    <p>Please enter a value to encrypt!</p>
    <form action="invite.php">
      Key:<br>
      <input type="text" name="firstname"><br>
      <input type="submit" value="Submit">
    </form>
2
  • 2
    Your question seems to really be about how to use forms with PHP. Commented Apr 5, 2016 at 17:10
  • 1
    Just to be technically correct, "Please enter a value to encrypt!" should read more like "Please enter a value to hash!". Those are 2 different animals altogether ;-) Commented Apr 5, 2016 at 17:21

1 Answer

2

I'll make an attempt at answering this, if this is what the question's about.

You can assign a variable to a POST array (and using a post method for the form) to be passed as the first parameter for both functions, and check if it's not empty and using isset() against a named input/submit.

N.B.: The code below was written to be used inside the same file, as I used action="". If you intend on using this in two separate files, then by all means change the action to the filename used for it.

    <?php

    /* in the if statement make sure that the password is the same as in hash variable */
    $options = array('cost' => 12);
    echo "Bcrypt: ";

    // Only run once the form has been submitted
    if (isset($_POST['submit'])) {

        if (!empty($_POST['firstname'])) {

            $their_input = $_POST['firstname'];

            echo $hash = password_hash($their_input, PASSWORD_BCRYPT, $options);

            echo "<br>";
            echo "Verify now:<br>";

            if (password_verify($their_input, $hash)) {
                echo 'Password is valid!';
            } else {
                echo 'Invalid password.';
            }

        } else {
            echo "You left this empty.";
        }

    }

    ?>

    <p>Please enter a value to hash!</p>
    <form action="" method="post">
      Key:<br>
      <input type="text" name="firstname"><br>
      <input type="submit" name="submit" value="Submit">
    </form>

Sidenote: If this is intended for passwords, then you should change the input type to "password" instead of "text".

If you later want to use this as a login system, then have a look at one of ircmaxell's answers https://stackoverflow.com/a/29778421/

It uses PDO with a prepared statement.

Pulled from his answer:

Just use a library. Seriously. They exist for a reason.

Don't do it yourself. If you're creating your own salt, YOU'RE DOING IT WRONG. You should be using a library that handles that for you.

    $dbh = new PDO(...);

    $username = $_POST["username"];
    $email = $_POST["email"];
    $password = $_POST["password"];
    $hash = password_hash($password, PASSWORD_DEFAULT);

    $stmt = $dbh->prepare("insert into users set username=?, email=?, password=?");
    $stmt->execute([$username, $email, $hash]);

And on login:

    $sql = "SELECT * FROM users WHERE username = ?";
    $stmt = $dbh->prepare($sql);
    // execute() returns a bool, so the rows are fetched from the statement itself
    $stmt->execute([$_POST['username']]);
    // Fetch rows as objects so that ->password works below
    $users = $stmt->fetchAll(PDO::FETCH_OBJ);
    if (isset($users[0])) {
        if (password_verify($_POST['password'], $users[0]->password)) {
            // valid login
        } else {
            // invalid password
        }
    } else {
        // invalid username
    }

Important sidenote about column length:

If and when you do decide to use password_hash() or the compatibility pack (if PHP < 5.5) https://github.com/ircmaxell/password_compat/, it is important to note that if your present password column's length is anything lower than 60, it will need to be changed to that (or higher). The manual suggests a length of 255.

You will need to ALTER your column's length and start over with a new hash in order for it to take effect. Otherwise, MySQL will fail silently.
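
The column-length note above, shown as an added example (not part of the original answer or of ircmaxell's code): `substr()` stands in for a 50-character column cutting off the stored value, the password is a constructed sample, and `is_intact_hash()` is a hypothetical helper name.

```php
<?php
// Added example: constructed values only, no database involved.
// substr() simulates a too-short column (e.g. VARCHAR(50)) truncating the hash.

/**
 * Hypothetical helper: true when $stored is still recognisable as a
 * complete hash produced by password_hash().
 */
function is_intact_hash(string $stored): bool
{
    // password_get_info() reports algoName "unknown" for strings it cannot
    // identify, which includes a bcrypt hash that has lost characters.
    return password_get_info($stored)['algoName'] !== 'unknown';
}

$password = 'correct horse battery staple';   // constructed sample input
$hash     = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);

// What a 50-character column would keep of the 60-character bcrypt hash.
$truncated = substr($hash, 0, 50);

$rows = [
    'full hash (column >= 60)' => $hash,
    'truncated (column = 50)'  => $truncated,
];

foreach ($rows as $label => $stored) {
    printf(
        "%-26s length=%d intact=%s verify=%s\n",
        $label,
        strlen($stored),
        is_intact_hash($stored) ? 'yes' : 'no',
        password_verify($password, $stored) ? 'ok' : 'FAIL'
    );
}
```

Running `is_intact_hash()` over existing rows after widening the column identifies the accounts whose stored hash was cut off and therefore needs to be regenerated.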
