I haven't run across this previously, but it took me awhile to figure out my login script wasn't working because, when I set 'password' to the SQL datatype "PASSWORD", it takes it literally. Hence, when I try to type in my password as, say, 'test', PHP informed me it was incorrect - but if I put in the encrypted version, it accepts it!
So I tried putting in 'test' as a password without using the "PASSWORD" datatype in mysql, and bingo. It worked.
This is new to me, what's going on and how can I change my code to allow it to accept 'PASSWORD" datatypes in mysql?
if(isset($_POST['submit'])) {
if(!$db) {
print("<h1>Can't Connect to the DB!</h1>\n");
}
else {
mysql_select_db("mydb",$db);
}
$sql = "select * from users where username = '".$_POST['username']."'";
$result = mysql_query($sql);
$row_count = mysql_num_rows($result);
if($row_count == 0) {
?>
<h3>Wrong User Name! Try Again</h3>
<?
unauth();
}
else {
$row = mysql_fetch_array($result);
if($_POST['password'] != $row["password"]) {
?>
<h3>Incorrect Password! Try Again</h3>
<?
unauth();
}
else {
mainbody();
}
}
}
else {
unauth();
}
