dangillow

Sorry for all the posts. But I just noticed that when I echo the password passed to the check_login.php regardless of the password entered the returned value is always 'd41d8cd98f00b204e9800998ecf8427e' [code] <?php session_start(); $_SESSION['employee_id'] = $_POST['employee_id'];  // Use This for passing variables with session $_SESSION['password'] = md5($_POST['password']); // Login information include('db_login.php'); // Connect $connection = mysql_connect($db_host, $db_username, $db_password); if (!$connection) {     die ("Could not connect to the database: <br> />". mysql_error()); } // Select the database $db_select=mysql_select_db($db_database); if (!$db_select) {     die ("Could not select the database: <br> />". mysql_error()); } // Execute query $employee_id = $_POST['employee_id']; $password = md5($_POST['password']); $query = "SELECT * FROM employee WHERE employee_id='$employee_id' and password='$password'"; $result = mysql_query($query) or die(mysql_error()); $count=mysql_num_rows($result); echo "<p>Password Is: $password </p>"; echo "<p>$count Rows Returned</p>"; if($count > 0) { $_SESSION['employee_id'] = $_POST['employee_id']; $_SESSION['password'] = md5($_POST['password']); header("location:welcome.php"); } else { echo "Wrong Username or Password"; } mysql_close($connection); ?> [/code]

Ok I think I've found the problem. I just used echo to print out the password being passed to check_login and its different to the one stored in my database? Now how could that be? What could be causing that? Using password 'qwerty' in mysql db is: d8578edf8458ce06fbc5bb76a58c5ca4. When trying to login using password 'qwerty' I get this returned: d41d8cd98f00b204e9800998ecf8427e How do I fix this?  :o

Hi, I double checked that my password before and after, and they are the same. The password is 'qwerty' I looked up the MD5 value in phpMyadmin and got this "d8578edf8458ce06fbc5bb76a58c5ca4" I then wrote the code below. So what else could it be? I have dropped and re-created my table and populated it, just in case it was damaged. Any ideas? Danny [code] <?php $str = "qwerty"; echo md5($str); if (md5($str) == 'd8578edf8458ce06fbc5bb76a58c5ca4') { echo "<br />Passwords Match!"; } else { echo "<br />Passwords don't match"; } ?> [/code]

Yes password is being stored in my database as MD5. It's hashed so I assume it is.

Hi There, This PHP script is driving me nuts! I have an employee table which stores employee_id and password used for logging in to the website. I've written a a check_login.php file which keeps telling me "Wrong Password" when tee username and password are correct. Here's my code? Am I doing something stupid!  ;) [code] <?php session_start(); $_SESSION['employee_id'] = $_POST['employee_id'];  // Use This for passing variables with session $_SESSION['password'] = md5($_POST['password']); // Login information include('db_login.php'); // Connect $connection = mysql_connect($db_host, $db_username, $db_password); if (!$connection) {     die ("Could not connect to the database: <br> />". mysql_error()); } // Select the database $db_select=mysql_select_db($db_database); if (!$db_select) {     die ("Could not select the database: <br> />". mysql_error()); } // Execute query $employee_id = $_POST['employee_id']; $password = md5($_POST['password']); $query = "SELECT * FROM employee WHERE employee_id='$employee_id' and password='$password'"; $result = mysql_query($query) or die(mysql_error()); $count=mysql_num_rows($result); echo "$count Rows Returned "; if($count > 0) { $_SESSION['employee_id'] = $_POST['employee_id']; $_SESSION['password'] = md5($_POST['password']); header("location:welcome.php"); } else { echo "Wrong Username or Password"; } mysql_close($connection); ?> [/code] Thanks! Danny