if function is failing

[MadnessRed]

ok, here is my if function. The bit where it tells you the password won't be shown when I finish the script but atm it is proving useful.

 

if ($_GET['password'] != $row['password']){
die("Incorrect Password<br />You said: ".$_GET[password]."<br />Actual :".$row['password']);
}

 

I would expect that code above to say. if the (get password) and the password in the database base are different, then die. And when it dies I would expect he to md5 hashes that are displayed to be different.

 

however here the error.

 

Incorrect Password

You said: 5f4dcc3b5aa765d61d8327deb882cf99

Actual :5f4dcc3b5aa765d61d8327deb882cf99

[.josh]

er...maybe one of them somehow got a \n added onto the end, depending on where they came from? Or maybe the $row is on a column type that forces spaces concated to the end to make the full var type (like if it's supposed to be 40 chars but only 32 it will add 8 spaces)? Try trimming them.

[MatthewJ]

I know this might sound strange, but it has happened to me once...

 

If you are pasting in the md5 to a form field etc. to do the check, make sure you do not have any spaces at the beginning or end...

 

Hope it helps

[The Little Guy]

Why are you passing a password through a get?

[.josh]

Why are you passing a password through a get?

 

lol yeah I was kind of wondering that too but I mean I guess technically that's not really the issue at hand.

[MadnessRed]

how would I end up with spaces at the beginning/end?

 

also the database is "Varchar" with 40 characters.

[DarkWater]

Try trim($row['password']).  MD5 fields should be exactly 32 characters in length.