md5() problem....

Mark

okay my problem is, when i try to log in, it doesnt encrypt the password with md5(), so it says incorrect password (because the passwords in the database are encrypted. heres my login script.

<?

$passwd = md5($passwd);
setcookie("username", $username);
setcookie("passwd", $passwd);
$dbuser = '****';
$dbpass = '****';



//connect to the DB and select the database
$connection = mysql_connect('localhost', $dbuser, $dbpass) or die(mysql_error());
mysql_select_db('Hazardnet', $connection) or die(mysql_error());
//set up the query
$query = "SELECT * FROM hazardnet_users
        WHERE username='$username' and passwd='$passwd'";

//run the query and get the number of affected rows
$result = mysql_query($query, $connection) or die('error making query');
$affected_rows = mysql_num_rows($result);

//if there's exactly one result, the user is validated. Otherwise, he's invalid
if($affected_rows == 1) {
print "Thank your for logging in, $username, Please continue into the <a href=\"members.php\">members area</a>";
}
else{
    print 'Sorry, you seem to have entered an incorrect Username/Password.';

}
?>

ir4z0r

deleted to avoid confusion

Weedpacket

//set up the query
    $query = "SELECT * FROM hazardnet_users
            WHERE username='$username' and passwd='$passwd'";

echo $query;

PS: Look in the MySQL documentation about the COUNT() function, and use that if all you want is a count.

mmilano

here's your problem:

    $passwd = md5($passwd);
    setcookie("username", $username);
    setcookie("passwd", $passwd);
    $dbuser = '****';
    $dbpass = '****';

you are encrypting the password before you set the cookie. this makes it so when the user comes back to the page.. it is trying to encrypt the encrypted password!

solution: encrypt the password AFTER you set the cookie.

   

    setcookie("username", $username);
    setcookie("passwd", $passwd);
    $passwd = md5($passwd);
    $dbuser = '****';
    $dbpass = '****';