The following function is not returning true and I do not understand why. I'm not getting any database errors, but it definitely returns false for some reason. The table and field names are 100% correct.
public function verify_password($username, $password){
$this->db->select('password');
$this->db->from('user_account');
$this->db->where('username', $username);
$query = $this->db->get();
if($query == $password){
return true;
} else {
return false;
}
}
The problem is that you need to get some results from your query. Read about Generating Query Results.
Revised method as follows
public function verify_password($username, $password)
{
//use method chaining, it's more efficient and less typing
$query = $this->db
->select('password')
->from('user_account')
->where('username', $username)
->get();
//were any matching rows found?
if($query->num_rows() > 0)
{
// get first row of data and check 'password' value against passed value
// return is a boolean
return $query->row()->password === $password;
}
//There are no rows that match so clearly not logged in
return false;
}
As the comments in your question point out you should not store plain text passwords.
password_hash()andpassword_verify().