trouble comparing passwords for registration form [RESOLVED]

[AdRock]

I am having trouble gettting the password entered by a user to be matched with the password that has to be re-entered for validation.

I have tested it and have used the same password but it says that the passwords don't match.

Can anyone see what is wrong?  I can't see what is wrong.

[code]<?php

// This is displayed if all the fields are not filled in
$empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back";


// You do not need to edit below this line

$first_name = stripslashes($_POST['first_name']);
$last_name = stripslashes($_POST['last_name']);
$email_address = stripslashes($_POST['email_address']);
$username = stripslashes($_POST['username']);
$password = stripslashes($_POST['password']);
$password2 = stripslashes($_POST['password2']);
$sex = stripslashes($_POST['sex']);

if (!isset($_POST['first_name'])) {

?>
<h2>Member Registration</h2>

<form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
    <p class="style3"><label for="first_name" style="width:8em">First Name:</label>
    <input type="text" title="Please enter your first name" name="first_name" size="30"/></p>

    <p class="style3"><label for=last_name" style="width:8em">Second Name:</label>
    <input type="text" title="Please enter your last name" name="last_name" size="30"/></p>

    <p class="style3"><label for="email_address" style="width:8em">Email address:</label>
    <input type="text" title="Enter your email address" name="email_address" size="30"/></p>

    <p class="style3"><label for="username" style="width:8em">Username:</label>
    <input type="text" title="Please enter a username" name="username" size="30"/></p>

    <p class="style3"><label for="password" style="width:8em">Password</label>
    <input type="text" title="Please enter a password" name="password" size="30"></p>

    <p class="style3"><label for="password2" style="width:8em">Re-enter Password</label>
    <input type="text" title="Please re-enter password" name="password2" size="30"></p>

    <p class="style3"><label for="sex" style="width:8em">Sex</label>
    <input type='radio' value=male checked name='sex'>Male <input type='radio' value=female  name='sex'>Female</p>

    <p>For security purposes, please enter the image text shown in the text box below.<br>If you have trouble reading the image, refresh the page to display a new one.</p>
    <img src="includes/captcha.php" alt="captcha image">

    <p class="style3"><label for="verify" style="width:8em">Image text:</label>
    <input type="text" title="Please enter the image text" name="verify" id="verify" size="6"/></p>

    <p class="style3"><label title="Register">
    <input type="submit" value="Register" style="margin-left:97px" class="submit-button"/></label></p>

</form>

<?php

}

elseif (empty($first_name) || empty($last_name) || empty($email_address) || empty($username) || empty($password) || empty($password2) || empty($_POST['verify']) && $_POST['verify'] == $_SESSION['captchstr']) {

    echo $empty_fields_message;

}

else {

    // Stop the form being used from an external URL
    // Get the referring URL
    $referer = $_SERVER['HTTP_REFERER'];
    // Get the URL of this page
    $this_url = "http://".$_SERVER['HTTP_HOST'].$_SERVER["REQUEST_URI"];
    // If the referring URL and the URL of this page don't match then
    // display a message and don't send the email.
    if ($referer != $this_url) {
        echo "You do not have permission to use this script from another URL.";
        exit;
    }

include 'includes/connection.php';

$status = "OK";
$msg="";

// if userid is less than 3 char then status is not ok
if(!isset($username) or strlen($username) <3){
$msg=$msg."Username should be 3 or more characters in length<BR>";
$status= "NOTOK";}

if(mysql_num_rows(mysql_query("SELECT username FROM users WHERE username = '$username'"))){
$msg=$msg."The username you have selected has already been used by another member in our database. Please choose a different Username!<BR>";
$status= "NOTOK";}

if(mysql_num_rows(mysql_query("SELECT email_address FROM users WHERE email_address = '$email_address'"))){
$msg=$msg."Your email address has already been used by another member in our database. Please submit a different Email address!!<BR>";
$status= "NOTOK";}

if ( strlen($password) < 3 ){
$msg=$msg."Password must be more than 3 characters in legth<BR>";
$status= "NOTOK";}

if ( $password <> $password2 ){
$msg=$msg."Both passwords do not match<BR>";
$status= "NOTOK";}

if($status<>"OK"){
   echo "<font face='Verdana' size='2' color=red>$msg</font><br><input type='button' value='Retry' onClick='history.go(-1)'>";
   exit();
   }
else
   {
   

$db_password = md5($password);

// Enter info into the Database. 
$sql = mysql_query("INSERT INTO users (first_name, last_name, 
        email_address, username, password, sex, signup_date)
        VALUES('$first_name', '$last_name', '$email_address', 
        '$username', '$db_password', '$sex', now())") 
        or die (mysql_error());

if(!$sql){
    echo 'There has been an error creating your account. Please contact the webmaster.';
} else {
    $userid = mysql_insert_id();
    // Let's mail the user!
    $subject = "Your Membership at Jack Godfrey Honeylands Support Fund!";
    $message = "Dear $first_name $last_name,

Thank you for registering at our website, http://www.jackgodfrey.org.uk!
     
You are two steps away from logging in and accessing our exclusive members area.
   
To activate your membership, 
please click here: http://www.project-sw.co.uk/jack/users/activate.php?id=$userid&code=$db_password
     
Once you activate your memebership, you will be able to login
with the following information:
Username: $username
Password: $password
     
Thanks!
The Webmaster
     
This is an automated response, please do not reply!";
     
mail($email_address, $subject, $message, 
    "From: jackgodfrey.org.uk Webmaster<admin@jackgodfrey.org.uk>\n
    X-Mailer: PHP/" . phpversion());
echo 'Your membership information has been mailed to your email address! 
Please check it and follow the directions!';
}
}   
}

?>[/code]

[Orio]

Change:
if ( $password <> $password2 ){

To:
if ( $password != $password2 ){

Orio.

[AdRock]

I've tried that and it still says the passwords don't match....even when they do!!

[ToonMariner]

you shoudl be using the strcomp functions - they are specifically designed to compare strings.

[AdRock]

I chnaged this

[code]if ( $password <> $password2 ){
$msg=$msg."Both passwords do not match<BR>";
$status= "NOTOK";}[/code]

to this

[code]if (strcmp( $password,$password2 ) !=0){
$msg=$msg."Both passwords do not match<BR>";
$status= "NOTOK";}[/code]

and it still says the passwords don't match

[king arthur]

Well the obvious thing to do is insert an echo to find out what the strings actually are at that point:

[code]
if ( $password <> $password2 ){
echo $password . "(" . strlen($password) . ")" . ", " . $password2 . "(" . strlen($password2) . ")";
$msg=$msg."Both passwords do not match<BR>";
$status= "NOTOK";}
[/code]

[king arthur]

Actually, what's in your connection.php? Is it also using a variable named $password?

[AdRock]

Yeah.....that was it....the $password to the database was in connection.php

Thanks king arthur....i would have never have thought of that