Jump to content

md5 and session defining problem


solidrichard

Recommended Posts

Hi,

I my first problem is hashing passwords to md5.

My second problem is defining session on value from db.

There is my code but not working.

mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");


$username=$_POST['username']; 
$password=$_POST['password'];
$hash = md5($password);


$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

$sql="SELECT * FROM $tbl_name WHERE where username = '$username' and password = '$hash'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
$sql2="SELECT access FROM $tbl_name WHERE username='$username' and password='$password'";
$access=mysql_query("$sql2");
session_register("username");
session_register("password"); 
session_register("access");
$_SESSION["access"]=$access;
header("location:success.php");
}
else {
echo "Invalid Username or Password";

Thanks for any answers.

Link to comment
Share on other sites

Correct. session_register() is out dated. Use

$_SESSION['your_variable'] = $value;

instead

 

Regarding your problem, try the following:

 

$username=$_POST['username']; 
$password=$_POST['password'];
$hash = md5(stripslashes($password));

$username = stripslashes($username);
// Commented the following line. $hash is generated before the stripslahes is used
//$password = stripslashes($password);

 

This might help.

Link to comment
Share on other sites

Also, inthe $sql2 string, you are passing the $password variable, whic is not the md5 value. Try passing in the $has value instead (just a guess since I would expect all passwords to be in the md5 format).

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.