md5 encryption trouble, not wanting to work with me...

VooDooRT

I'm having some problems trying to encrypt my passwords into my database and read them on each file via a cookie.

Here is what I have before I tried to add encryption:

function authenticate($user, $pass, $minimum_rank) {
  global $fontstring, $fontstring2, $headstring;
  global $myrow;
  $result = @mysql_query("SELECT * FROM members WHERE username = \"$user\"");
  $myrow = mysql_fetch_array($result);
  if($myrow != NULL)
     extract($myrow);

  // If the username matches the result in the mysql query and the password is correct
  // return the rank of the user.
  if($user == $username && $pass == $password and $username != NULL) {
	if($disable != 1) {
	  if($rank >= $minimum_rank) {
		return 1;
	  }
	  else {
		echo("
			<center>$fontstring
		<META HTTP-EQUIV=\"Refresh\" CONTENT=\"3; URL=main.php\"> 
			You do not posses a high enough rank.  Please sit tight while I forward you back to your login menu.
	  	");
	  }
	}
	if($disable == 1) {
	  echo("
		$fontstring
		You have been disabled.
	  ");
	}
  }
  else {
	if(!$user) {

	echo("
		<table border=0 cellpadding=2 cellspacing=0 style=border-collapse:collapse collapse bordercolor=#111111 width=100% id=AutoNumber1>
          <tr>
            <td width=100% colspan=2>
            <p align=center>$headstring
		Error: Username not found!<br></td>
          </tr>
          <tr><form action=main.php method=post>
            <td width=24%>$fontstring Username: </td>
            <td width=76%> <input type=text name=username size=15></td>
          </tr>
          <tr>
            <td width=24%>$fontstring Password: </td>
            <td width=76%> <input type=password name=password size=15></td>
          </tr>
          <tr>
            <td width=100% colspan=2>
            <p align=center>
		<input type=submit value=Login></td>
          </tr>
        </table>		
	");

}
else {
	echo("
		<table border=0 cellpadding=2 cellspacing=0 style=border-collapse:collapse collapse bordercolor=#111111 width=100% id=AutoNumber1>
          <tr>
            <td width=100% colspan=2>
            <p align=center>$headstring
		Error: Password not found!<br></td>
          </tr>
          <tr><form action=main.php method=post>
            <td width=24%>$fontstring Username: </td>
            <td width=76%> <input type=text name=username size=15></td>
          </tr>
          <tr>
            <td width=24%>$fontstring Password: </td>
            <td width=76%> <input type=password name=password size=15></td>
          </tr>
          <tr>
            <td width=100% colspan=2>
            <p align=center>
		<input type=submit value=Login></td>
          </tr>
        </table>
	");
}
  }

}

And in each file I call:

$username = $usercook;
$password = $passcook;
setcookie("usercook", "$username");
setcookie("passcook", "$password");

require("functions.php");

global $fontString, $myrow, $tableColor;

if(authenticate($username, $password, 16)) {
//code goes here that I want to protect
}

Everytime I try to encode password it doesn't want to let me log in...it's REALLY ticking me off to no end.

Ideas for an EASY way to encrypt this?

mikeatrpi

I don't see where you try to encode the password? When you store the password in the database, store its md5() value. Then every time you check the password, do this:

if(md5($password) == $pw_from_db) ...