PDA

View Full Version : usernames using md5 ???



digitalvision
Jul 17th, 2002, 02:19 AM
i have recently been trying to create a site that uses an "account" system.

For extra care i have decided to store user passwords encrypted using the one way encryption md5!

now... i would think that this would be easy as i would get the password md5 it and then put it in teh database...

thats fine... all goes in but when i pull the md5 encrypted password out of the database to compare it with the users submiied password (via the login form) the 2 md5ed numbers dont match.

so... heres the code im using...

$password = md5($password);

$query = "SELECT password FROM table WHERE username=$username";
$result = mysql_query($query);

$member = mysql_fetch_array($result);

if ($password == $member['password'])
{

echo "login accepted";
}
else
{
echo "login failed";
}


thats just a quick example but thats basically what its using... always it comes back as "login failed"

????????

any help appreciated.... thanks in advance

firepages
Jul 17th, 2002, 02:51 AM
$query = "SELECT password FROM table WHERE username=$username";
should be

$query = "SELECT password FROM table WHERE username='$username'";

so I expect you are not getting an array returned in the first place

try that and also use mysql_error() to give you a clue whats going wrong..

$result = mysql_query($query)or die(mysql_error());