Best algorithm for hash password in php and How work it? [duplicate]

  php

I want to hash the password and compare the hash but I do not know.
This is my code.
The password value is stored in the database, but in the login.php section it cannot compare the password registered in the database.

register.php

<?php

require_once 'connection.php';

$username  = @$_GET ['username'];
$password  = @$_GET ['password'];
$pnumber   = @$_GET ['pnumber'];
$aliasname = @$_GET ['aliasname'];
$hash=password_hash($password,PASSWORD_DEFAULT);
$query_check = "SELECT username ,pnumber,password  FROM users WHERE username = '$username' AND pnumber = '$pnumber' AND password = '$password' ";

$result = @mysqli_query($connection,$query_check);

if(@mysqli_num_rows($result)>0){
    
    $key = "USER_REGISTER";


}else{
   
    $query_register = "INSERT INTO users (username,password,pnumber,aliasname) VALUES ('$username','$hash','$pnumber','$aliasname')"; 

    if(mysqli_query($connection,$query_register)){

         $key = "SUCCESS";
    }else{

        $key = "WRONG";
    }
}
       echo json_encode(array("response"=>$key));
       mysqli_close($connection);


?>

login.php

<?php

require_once 'connection.php';

$username  = @$_GET ['username'];
$password  = @$_GET ['password'];


$query_check = "SELECT username ,password FROM users WHERE username = '$username' AND password = '$password' ";

$result = @mysqli_query($connection,$query_check);

if(@mysqli_num_rows($result)>0){
    if(password_verify($password,$result))
{
    $key = "USER_LOGIN";
}
}

else{

   
  
        $key = "NO_ACCOUNT";
}
       echo json_encode(array("response"=>$key));
       mysqli_close($connection);


?>

Tell me which part of my code is wrong

Source: Ask PHP

LEAVE A COMMENT