justAnoob Posted January 24, 2010 Share Posted January 24, 2010 I use this same script for 4 other pages that I have. But for some reason, it will not work this time. When i register, it goes in the database just fine, the password is md5. Now when I go to log in, it keeps telling me that it is invalid username or password. I can take out the md5 on the reg and log script and it works fine. This doesn't make sense cause the same scripts work on other pages for me. <?php session_start(); include 'connection.php'; $check = mysql_real_escape_string($_POST["username"]); $sql = "SELECT id FROM members WHERE username = '$check'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count > 0) { $_SESSION['dup'] = "This username is already registered."; header("location: http://www.somewhere.com"); exit(); } // if data is good, register the new member else { $username = mysql_real_escape_string($_POST["username"]); $password = md5($_POST["password"]); $sql = "INSERT INTO members (username, password)VALUES('$username','$password')"; mysql_query($sql) or trigger_error(); unset($_SESSION['dup']); header("location: http://www.somewhere.com"); exit(); } mysql_close(); ?> <?php session_start(); include 'connection.php'; $username = mysql_real_escape_string($_POST['username']); $password = md5($_POST['password']); $sql = "SELECT id FROM members WHERE username ='$username' and password = '$password' LIMIT 1"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count > 0) { $_SESSION['auth'] = "yes"; $_SESSION['who'] = "$username"; unset($_SESSION['message']); $_SESSION['goodlog'] = 'Welcome ' . $username . " <a href='http://www.somewhere.com/logout.php'>Log Out</a>" .' '; header("location: http://www.somewhere.com/index.php"); exit(); } else { sleep(2); $_SESSION['message'] = "Invalid User Id or Password."; header("location: http://www.somewhere.com/index.php"); exit(); } mysql_close(); ?> Quote Link to comment Share on other sites More sharing options...
premiso Posted January 24, 2010 Share Posted January 24, 2010 You can try adding this to see if the SQL is causing any errors: $result=mysql_query($sql) or trigger_error("Query Failed: " . mysql_error()); Quote Link to comment Share on other sites More sharing options...
justAnoob Posted January 24, 2010 Author Share Posted January 24, 2010 no errors, i'm stumped why this won't work. Quote Link to comment Share on other sites More sharing options...
justAnoob Posted January 24, 2010 Author Share Posted January 24, 2010 i took the encryted password from the database and entered it in the password field on the form. Then took out the md5 on the login script. Then when i log in, it works. It is something with the md5 on the login script. Quote Link to comment Share on other sites More sharing options...
laffin Posted January 24, 2010 Share Posted January 24, 2010 than I wud look closely how the password md5 generated results are, add some debugging code however with the usage of header() function, u may opt for creating a debug.log file Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted January 24, 2010 Share Posted January 24, 2010 The length of your password field in the table is probably too short to hold the complete md5 value. Quote Link to comment Share on other sites More sharing options...
justAnoob Posted January 24, 2010 Author Share Posted January 24, 2010 man dude i feel stupid right now, table length was set way too low. Solved, thanks everyone. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.