Hello! I've recently been having trouble with my basic membership website. It is currently being tested with mamp on localhost. So I have two pages, login.php, and register.php. My register.php file is working fine. One of the things about my register file is the password, which is the thing I'm having serious trouble with. Here is the register.php code (Php code only)
$query = "INSERT INTO users (username,password,email) VALUES ('$username',md5(md5('$password'),'$email')";
if (!mysql_query($query)){
die('ERROR: ' . mysql_error . '');
}
echo "You have been registered successfully";
As far as I can see, the register.php file successfully inserts the data into my database, since I can see it through phpMyAdmin.
Now here's my login.php file.
<?php
$checkusername = $_POST['username'];
$checkpassword = $_POST['password'];
if (strlen($checkusername) <= 0){
echo "<p id='error'>You Need to enter a username!</p>";
}else{
if (strlen($checkpassword) <= 0){
echo "<p id='error'>You need to enter a password!</p>";
}else{
$query = mysql_query("SELECT * FROM users WHERE username='" . $checkusername ."'");
if (mysql_num_rows($query) == 1){
$query = mysql_query("SELECT * FROM users WHERE password='" . md5(md5($checkpassword)) . "'");
if (mysql_num_rows($query) == 1){
echo "Welcome, " . $checkusername . "! You are now logged in!";
$_SESSION['user'] = $checkusername;
$_SESSION['pass'] = $checkpassword;
}else{
echo "<p id='error'>Wrong Password!</p>";
}
}else{
echo "<p id='error'>Wrong Username!</p>";
}
}
}
?>
So, the issue here is when I fill out my php login form, I get a wrong password error. At first, I thought that I wasn't properly connecting to my database table, but I got no error. So I then decided to remove all of the md5 encryption. Without the encryption, my password got entered into the database, and the login file worked. So I think that my problem is the md5(). Now, how do I fix it?
I'm sorry if it turns out that the issue was some sort of basic mistake. I'm not the most experienced php coder.