Validating login form

[SUNIL16]

Hi Friends,

 

I Created a registration page and a login form. Which are working fine.

 

Now i want to validate password field.

That is if some one given password  as Sunil7 while registering.

"S" is uppercase and all other are lowercase now in my code i am not able to check this one

below is my simple code

<?php
require "config.php";  

$username=$_REQUEST["uname"];
$password=$_REQUEST["password"];



$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

 

how to validate this case sensitivity. if he gives password as Sunil7 then only its has to login not in the case if he give sunil7

 

[Andy-H]

Just encrypt the password with md5() when you store it in the database and md5() the postdata and it will me more secure and case sensitive.

[premiso]

I would store the password in the DB as an MD5 hash. That will validate against case sensitivity and secure peoples passwords. You would have to change to when the password is inserted in the db it get's hashed using the md5 function to allow this.

 

<?php
require "config.php";  

$username=$_REQUEST["uname"];
$password=md5($_REQUEST["password"]);



$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
?>

 

If you do not want to hash the password, then this would work:

 

[code]
<?php
require "config.php";  

$username=mysql_real_escape_string($_REQUEST["uname"]);
$password=$_REQUEST["password"];



$sql="SELECT password FROM users WHERE username='$username' LIMIT 1";
$result=mysql_fetch_assoc(mysql_query($sql));
if (is_array($result)) {
    if ($result['password'] != $password) 
         die("Invalid username or password");
}else {
     die("Invalid username or password");
}
?>

 

I almost always store my passwords as an MD5 hash in the DB, securer and makes it easier to check against case sensitivity.