havox Posted November 27, 2010 Share Posted November 27, 2010 +-----------+----------------------------------+ | username | password | +-----------+----------------------------------+ | user | Hash | +-----------+----------------------------------+ This is what I have set up in my database(obviously I'm not going to put the real user or hash). I'm trying to md5 what the user inputs for a password and compare it to the database, but I keep getting failed login attempts. <?php error_reporting(-1); ini_set('display_errors', 1); $host = "localhost"; $dbuser = "****"; $pass = "****"; $databasename = "login"; mysql_connect($host,$dbuser,$pass)or die('Could not connect: '.mysql_error()); mysql_select_db($databasename) or die(mysql_error()); if (isset($_POST["user"]) && isset($_POST["pwd"])) { $admin = mysql_query("SELECT username FROM members"); $pass = mysql_query("SELECT password FROM members"); if ($_POST["user"] == $admin && md5($_POST["pwd"]) == $pass) { session_register("admin"); session_register("pass"); header('Location:https://deadnode.com/output.php'); } else { echo"<center><h1>Failed login attempt.</h1></center>"; } } ?> Link to comment https://forums.phpfreaks.com/topic/220001-comparing-md5-hashes/ Share on other sites More sharing options...
PFMaBiSmAd Posted November 27, 2010 Share Posted November 27, 2010 mysql_query() returns a result resource, not the data value. I recommend reading a basic php/mysql tutorial to learn how to execute a query and fetch the data from the result resource. Also, session_register(), session_is_registered(), and session_unregister() were depreciated more than 8 years ago in favor of using the $_SESSION array. There are examples of how to use the $_SESSION array in the php.net documentation under Sessions. Link to comment https://forums.phpfreaks.com/topic/220001-comparing-md5-hashes/#findComment-1140322 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.