php - Unable to verify password using password_verify -

when user clicks submit button, ajax pass data php scripts check if login valid or invalid.

below, password not verified. data passed(email,password) checklogin class correct, because other data can retreived using email address.it's when comes

$flag=false;     if (password_verify($this->password, $hashandsalt)) {         $flag=true;     } 

its returning false. couldn't spot mistake.can see wrong in script?

js

/*login user*/  $("document").ready(function(){     $("#login-user").submit(function(){         alert("submited");                   var data = {         "action": "test"       };       data = $(this).serialize() + "&" + $.param(data);       $.ajax({         type: "post",         datatype: "text",         url: "login-this-user.php", //relative or absolute path response.php file         data: data,         success: function(data) {             console.log(data);             alert(data);          }       });//end success       return false;     });//end form   }); 

php

<?php session_start(); include('config.php'); include('class.login.php');  //$return = $_post; $return ='{"email":"jane@ymail.com","pass":"jane","action":"test"}';  //$return['json']= json_encode($return);   //     //below code store in database  $data = json_decode($return, true); $login = new checklogin(); $return_value = $login->checklogin($data["email"],$data["pass"]);  echo $return_value;    ?> 

class check login

 <?php  class checklogin {    public $email;    public $password;    public $userid;     public $salt;    public $hpass;        public function __construct()     {      }     public function checklogin($param1, $param2)     {         $this->email=$param1;         $this->password=$param2;          $sql = "select *from agency  agency_email='{$this->email}'";         $statement = connection::$pdo->prepare($sql);         $statement->execute();         while( $row = $statement->fetch()) {         echo "salt ".$salt=$row['agency_salt'];         echo "hash ".$hashandsalt=$row['agency_pass'];           $user_id=$row['agency_id'];          }         $flag=false;         if (password_verify($this->password, $hashandsalt)) {             $flag=true;         }          return $flag;     }   }  ?> 

table structure

hashing when signing user , storing password:

/*....salting starts........*/ $cost = 10; $salt = strtr(base64_encode(mcrypt_create_iv(16, mcrypt_dev_urandom)), '+', '.'); //$salt = sprintf("$2a$%02d$", $cost) . $salt; $options = array('cost' => $cost,'salt' => $salt);  //$password = crypt($data['password'], $salt); $hash = password_hash($data['passsword'], password_default,$options);   /*..........salting ends..............*/