Having some problems here I am able to inster data into my database using crypt() as follows:
$getpass = $_POST['pass'];
$password = crypt(trim("$getpass"));
$insertSQL = sprintf("INSERT INTO content (username, password) VALUES (%s, %s)",
GetSQLValueString($_POST['user'], "text"),
GetSQLValueString($password, "text"));
now here comes the problem. I am trying to create a login page that validates the infromation username and password. But since the password is encrypted i need to encrypt the value before it can be checked. And I have had my hand at this and I am getting no where. Here is what I got
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}
if (isset($_POST['user'])) {
$loginUsername=$_POST['user'];
$pass=$_POST['pass'];
$passcrypt=md5($pass);
$password=$passcrypt;
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "http://www.google.com";
$MM_redirectLoginFailed = "http://www.msn.com";
$MM_redirecttoReferrer = false;
mysql_select_db($database_EevokePages, $EevokePages);
$LoginRS__query="SELECT * FROM content WHERE username='$loginUsername' and password='$password'";
$LoginRS = mysql_query($LoginRS__query, $EevokePages) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
My login always fails. Anybody see anything I am doing wrong here. Thanks
