[RESOLVED] Log in script not recognising passwords

nc_brox

Hi,

I'm trying to create a members only section for my site. The registration part is looking good. But on the log in page, every time I try to log in it returns the error that the password is incorrect (when it isn't). (NB the password is encoded on the registration page also).

I have included the script below, could someone take a look and see where I am going wrong? I am pulling my hair out here!!

Thanks!!

// Get username and password from form
$Username = mysql_real_escape_string(strip_tags($POST['Username']));
$Password = mysql_real_escape_string(strip_tags($POST['Password']));

// Encode password
$Password = md5($Password);

// Check with database to see if user exists
$query = mysql_query("SELECT * FROM register WHERE Username = '$Username'");
$rows = mysql_num_rows($query);

// If username doesn't exist redirect to invalid login (un)
if ($rows == 0) {
header("Location:invalid_login.html");
}

// Check password for username matches
while ($check = mysql_fetch_array($query)) {
if ($Password != $check['Password']) {
// Password doesn't match. Redirect to invalid login (pw)
header("Location:invalid_login_pw.html");
} else {
// Redirect to members only area
header("Location:myprofile.html");
}
}

rincewind456

Please use [php ][/code] tags around your code snippets(without the space).

On a quick look there appears to be nothing wrong with the code.
I would suggest that you echo out the 2 password values to see if they are actually the same.

nc_brox

Thanks for the advice. I did that and realised that it was me being stupid when I set up the table in mySql and didn't give it a large enough number of figures, so the password that was being saved was getting cut off!

:queasy: