www.webdeveloper.com
Results 1 to 5 of 5

Thread: md5 problem in login

  1. #1
    Join Date
    Dec 2009
    Location
    City of Smiles
    Posts
    172

    md5 problem in login

    Good day/night everyone,

    I'm having a problem with my login script. I have my password in md5 hash in the registration. The registration is successful and the password is in md5 form in the database table. But the problem occurs whenever I try to login the username and password. It seems that the password enter during login is not == with the md5 password in the database. Here is my code, hope someone spent a little time with me

    PHP Code:
    <?php 
    include 'dbconnect.php'

    if(!
    $_POST['submit']) 

    ?> 

    <html> 
    ... 
    <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> 
          <p>Username&nbsp;:</br> 
          <input type="text" name="username" maxlength="20"> 
          </p> 
          <p>Password&nbsp;:</br> 
          <input type="password" name="password" maxlength="20"> 
          </p> 
          <p> 
          <input type="submit" name="submit" value="Submit"> 
          </p> 
          </form> 
    ... 
    </html> 
    <?php 

    else 

      
    $username cleanString($_POST['username']); 
      
    $password cleanString($_POST['password']); 

    if(
    $username && $password

        
    $password md5($password); 
        
    $sql="SELECT id,username FROM `users` WHERE `username`='$username' AND `password`='$password'"
        
    $query=mysql_query($sql) or die(mysql_error()); 

        if(
    mysql_num_rows($query) > 0
        { 
              
    $row mysql_fetch_assoc($query); 
              
    $_SESSION['id'] = $row['id']; 
              
    $_SESSION['username'] = $row['username']; 
               
         
              echo 
    "<script type=\"text/javascript\">window.location=\"members_area.php\"</script>"
        } 
        else 
       { 
            echo 
    "<script type=\"text/javascript\"> 
            alert(\"Your username or password is incorrect\"); 
            window.location=\"index.php\"</script>"

       }     

    else 
    {             
        echo 
    "<script type=\"text/javascript\"> 
        alert(\"You need to input your username and password\"); 
        window.location=\"index.php\"</script>"



    ?>

  2. #2
    Join Date
    Dec 2009
    Location
    City of Smiles
    Posts
    172
    help anyone

  3. #3
    Join Date
    Jan 2007
    Location
    Wisconsin
    Posts
    2,120
    Can we see the code that creates user rows?

  4. #4
    Join Date
    Jan 2007
    Location
    Wisconsin
    Posts
    2,120
    Oh ... and also the CREATE TABLE query for users.

  5. #5
    Join Date
    Jul 2009
    Location
    Falls Church, Va.
    Posts
    780
    Of course just add some simple debugging code to display both the parsed query (or content of $password at least) and compare that with what's actually in the database. I like to use phpMyAdmin in situations like this to see what's in the database with no fuss. Also, make sure that cleanString function you wrote works properly, i.e. stripping out the right characters and not the wrong ones so the hash is valid.

    -jim

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles