Lazzo Posted January 22, 2011 Share Posted January 22, 2011 Okay, so I am trying to create a login page My problem is that after I register and I want to login it says I have an incorrect password I encrypted the password with the md5 function and when I echoed the password in the db I get e882b72bccfc2ad578c27b0d9b472a14 and when I echoed the password I tried to login with I get e882b72bccfc2ad5 The password seems to be correct, just cut in half... Now why is the password I logged in with half the size it should be? Quote Link to comment Share on other sites More sharing options...
trq Posted January 22, 2011 Share Posted January 22, 2011 Well never know without seeing some relevant code. Quote Link to comment Share on other sites More sharing options...
Lazzo Posted January 22, 2011 Author Share Posted January 22, 2011 $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=signup.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $info['password'] = stripslashes($info['password']); $_POST['password'] = md5($_POST['password']); $_POST['password'] = stripslashes($_POST['password']); //gives error if the password is wrong if ($_POST['password'] != $info['password']) { echo 'Incorrect password, please try again.'; echo $_POST['password']; echo '<br />'; echo $info['password']; } this is the code where it checks if the passwords match Quote Link to comment Share on other sites More sharing options...
hvandracas Posted January 22, 2011 Share Posted January 22, 2011 Check your database field where password hash is held. Maybe it is set to contain way less characters than needed. Quote Link to comment Share on other sites More sharing options...
Lazzo Posted January 22, 2011 Author Share Posted January 22, 2011 Check your database field where password hash is held. Maybe it is set to contain way less characters than needed. How silly of me, it works now! Thanks a lot! I actually thought the password I put in to login was too short not the one in the db lol Quote Link to comment Share on other sites More sharing options...
trq Posted January 22, 2011 Share Posted January 22, 2011 The way your doing your check is a pretty long winded approuch too. <?php $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $sql = "SELECT * FROM users WHERE username = '$username' && upass = '$passoword'"; if ($result = mysql_query($sql)) { if (mysql_num_rows($result)) { // log user in. } else { // invalid login. } } Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.