[Resolved] Login Script Errors

DeadFly

Everytime I try to login using this script it doesn't work, and I get the "Incorrect Username/Password" eventhough they are correct.
The problem seems to be with the PASSWORD('$xPassword'), but everything I see looks okay.

<?php ##### Login Script
require("config.php"); ///// Configuration
require(INC_DIR.INC_PREFIX."dbconnect.php"); ///// Database Connection
require(INC_DIR.INC_PREFIX."functions.php"); ///// Functions Include

if (isset($_POST['submit']))
{
    $message=NULL; ///// Empty variable        

///// Check for Username
if (empty($_POST['xUserName']))
{
        $xUserName=FALSE;
        $message .='You forgot to enter your username.<br>';
} else {
        $xUserName=escape_data($_POST['xUserName']);
}        
///// Check for Username
if (empty($_POST['xPassword']))
{
        $xPassword=FALSE;
        $message .='You forgot to enter your password.<br>';
} else {
        $xPassword=escape_data($_POST['xPassword']);
}

if ($xUserName && $xPassword) ///// If everything is okay
{
        ///// Retrieve the id and fname for that username/password combo
        $query="SELECT mem_id, mem_username FROM site_members WHERE mem_username='$xUserName' AND mem_password=PASSWORD('$xPassword')";
        echo $query;
        $result=mysql_query($query); ///// Run the query
        $row=mysql_fetch_array($result, MYSQL_NUM); ///// Return a record if exists            
        if ($row) ///// A record was pulled from the database
        {
                ///// Set cookies and redirect                        
                setcookie('uid', $row[0], time()+86400); ///// Set cookie for 1 day
                setcookie('uname', $row[1], time()+86400); ///// Set cookie for 1 day
                header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/cpanel.php");
                exit(); ///// Quit the script                        
        } else { ///// No record matched the query
                $message='Incorrect username and/or password, please try again.';
        }

} else {
        $message .='Please try again';
}
} ///// End of the Submit conditional
$_site_Page="Login"; ///// Title
require(INC_DIR.INC_PREFIX."header.php"); ///// Header including top navigation
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table width="40%" border="0" cellspacing="0" cellpadding="2" align="center">  

  <tr>
    <td>
		<table width="100%" border="0" cellspacing="0" cellpadding="1" id="border">
		  <tr>
		    <td align="center" colspan="2" bgcolor="<?=color_switch(2);?>"><b id="lgtext">User Login</b></td>
		  </tr> 
		  <tr bgcolor="<?=color_switch(0);?>">
		    <td><b>User Name</b></td>
		    <td><div align="right"><input type="text" name="xUserName" size="15" value="<?php if (isset($_POST['xUserName'])) echo $_POST['xUserName']; ?>" id="input"/></div></td>
		  </tr>
		  <tr bgcolor="<?=color_switch(1);?>">
		    <td><b>Password</b></td>
		    <td><div align="right"><input type="password" name="xPassword" size="15" value="<?php if (isset($_POST['xPassword'])) echo $_POST['xPassword']; ?>" id="input"/></div></td>
		  </tr>
		</table>
	</td>
  </tr>
  <tr>
    <td><div align="right"><input type="submit" name="submit" value="Login" id="inputb"/></div></td>
  </tr>
</table>
</form>
<?
require(INC_DIR.INC_PREFIX."footer.php"); ///// Footer including bottom navigation
?>

DeadFly

I figured it out.
I had the mem_password set as VARCHAR(15) when I guess PASSWORD() requires a VARCHAR(16).
:p