[SOLVED] md5 problem

[bschultz]

I'm doing some debugging on a script to authenticate an md5 password.

 

Here's the code to write the md5 password to the db:

 

$md5_pass = md5($_POST[password]);

mysql_connect($DBhost,$DBuser,$DBpass) or die("Unable to connect to database"); 

@mysql_select_db("$DBName") or die("Unable to select 
database $DBName"); 


$sqlquery = "INSERT INTO vip
VALUES('$_POST[email]', '$md5_pass', '$_POST[name]', '$_POST[address]', '$_POST[city]', '$_POST[state]',
'$_POST[phone]', '$_POST[age]')";

 

and here's the authentication part:

 

$final_email = $_POST[email];
$final_password = md5($_POST[password]);

$dbc = mysql_pconnect('localhost','user','password'); 
mysql_select_db('mix',$dbc); 

$sql = "SELECT * FROM vip WHERE email=$final_email AND password=$final_password"; 
$dbq = mysql_query($sql,$dbc); 

while ($row = mysql_fetch_array($dbq)) { 


echo ".$row[email]."; 
echo ".$row[password]."; 

}

 

I'm getting a mysql_fetch_array(): supplied argument is not a valid MySQL result resource error.  Any ideas what's wrong here?

 

Thanks!

[dingus]

firstly the problem dosent look like an md5 one more looks to me like a database problem how ever in your authentication try this

 

$final_email = $_POST[email];
$final_password = md5($_POST[password]);

$dbc = mysql_pconnect('localhost','user','password'); 
mysql_select_db('mix',$dbc); 

$sql = "SELECT * FROM vip WHERE email='$final_email' AND password='$final_password'"; 
$dbq = mysql_query($sql,$dbc); 

while ($row = mysql_fetch_array($dbq)) { 


echo ".$row[email]."; 
echo ".$row[password]."; 

}

 

also just a quick tip can i surest validating that $final_email before accusal useing it in the query..... important rule is "always validate user input"

[bschultz]

Still not working...and I've added some further debugging

 

<?php

$final_email = $_POST[email];
$final_password = md5($_POST[password]);

$dbc = mysql_pconnect('localhost','user','password'); 
mysql_select_db('mix',$dbc); 

$sql = "SELECT * FROM vip WHERE email='$final_email' AND password='$final_password'"; 
$dbq = mysql_query($sql,$dbc); 

while ($row = mysql_fetch_array($dbq)) { 


echo ".$row[email]."; 
echo ".$row[password]."; 

}
if (!$dbq) {
   echo "Could not successfully run query from DB: " . mysql_error();
   exit;
}

if (mysql_num_rows($dbq) == 0) {
   
echo "No Matches";
   
}


?>

[dingus]

ok im interested to know what the output of your debugging is how ever i will work with what i have at the moment

 

<?php

$final_email = $_POST[email];
$final_password = md5($_POST[password]);

$dbc = mysql_pconnect('localhost','user','password'); 
mysql_select_db('mix',$dbc); 

$sql = "SELECT * FROM `vip` WHERE `email`='$final_email' AND `password`='$final_password'"; 
$dbq = mysql_query($sql,$dbc); 

while ($row = mysql_fetch_array($dbq)) { 


echo ".$row[email]."; 
echo ".$row[password]."; 

}
if (!$dbq) {
   echo "Could not successfully run query from DB: " . mysql_error();
   exit;
}

if (mysql_num_rows($dbq) == 0) {
   
echo "No Matches";
   
}


?>

 

you can give that a try also if that still dose not work can you please tell me the output of any debugging the exact error you are getting and place

 

echo $sql ;

 

somewhere on your code so i can see the actual query

[revraz]

If you really want to find the error, use mysql_error after each mysql statement.

Also, echo your query to see what it contains.

[bschultz]

If I take out the

 

AND password='$final_password'

 

it still comes up with a No Matches

[bschultz]

My God do I feel dumb!  In working on this last night (way too late) I had a typo in my html form to login...every works now!

 

Thanks, and I'm sorry!

[PFMaBiSmAd]

I'm guessing this would have resulted in an undefined variable message if error_reporting and display_errors were on. Contrary to popular belief, well written and tested php code does not normally generate error/warning/notice messages.

 

When learning php, developing php code, or debugging php code, turn on full php error_reporting (E_ALL) and set display_errors ON to get php to help you.