Ok, I have a simple registration form, which md5's the password.
Now I'm trying to make it so user can login, however, the passwords obvisiously don't match, as the password is encrypted. I tried putting md5( ) around the $password variables in my script, but as I've just learned what md5 is just now, I'm not sure that I'm doing it right.
The long and short of it is, users can't login, they get the login faile error. Here's my script
if (!@mysql_select_db('smeep')) {
exit('Unable to locate the ' .
'database at this time.');
}
if ((!isset($_POST['username'])) || (!isset($_POST['password']))){
echo 'Username or Password Incorrect';
exit();
}
else
{
$username = $_POST['username'];
$password = md5($_POST['password']);
$query = "SELECT password FROM webfriends WHERE username ='$username'";
$result = mysql_query($query);
if (!$result)
{
echo 'Username or Password Incorrect';
}
else
{
$password = mysql_result($result, 0, 'password');
if ($password == md5($_POST['password']))
{
setcookie ("wfcookie", "you are logged in", time()+3600);
echo 'login success <br />';
echo 'attemtping to redirect <br />';
echo '<p>Click <a href=http://www.webfriends.biz>here</a> if you do not wish to wait</p>';
header("Location: http://www.webfriends.biz"); /* Redirect browser */
}
else
{
echo 'login failed';
}
}
}
?>
