Password Hashing issue with password_hash & password_verify

Question

I currently upgraded my server to PHP 5.5 and want to make good use of the new functions password_hash and password_verify.

I cant seem to get a hash to be verified correctly? I have copied the exact examples from the PHP manual and it still seems to be returning false?

Is their something I am missing?

$hash = password_hash("rasmuslerdorf", PASSWORD_DEFAULT)."\n";


if (password_verify('rasmuslerdorf', $hash)) {
    echo 'Password is valid!';
} else {
echo 'Invalid password.';
}

returns

Invalid password.

Answer 1

You're appending a \n to your hash, which CHANGES the hash:

$hash = password_hash("rasmuslerdorf", PASSWORD_DEFAULT)."\n";
                                                         ^^^^---here

Eliminate that, and it'll start working.

Answer 2

I think the problem is that you are appending a new line with '\n' at the end.

They are using that to add a newline to the output in the examples.