solidrichard Posted May 16, 2011 Share Posted May 16, 2011 Hi, I my first problem is hashing passwords to md5. My second problem is defining session on value from db. There is my code but not working. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $username=$_POST['username']; $password=$_POST['password']; $hash = md5($password); $username = stripslashes($username); $password = stripslashes($password); $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $sql="SELECT * FROM $tbl_name WHERE where username = '$username' and password = '$hash'"; $result=mysql_query($sql); $count=mysql_num_rows($result); if($count==1){ $sql2="SELECT access FROM $tbl_name WHERE username='$username' and password='$password'"; $access=mysql_query("$sql2"); session_register("username"); session_register("password"); session_register("access"); $_SESSION["access"]=$access; header("location:success.php"); } else { echo "Invalid Username or Password"; Thanks for any answers. Quote Link to comment https://forums.phpfreaks.com/topic/236529-md5-and-session-defining-problem/ Share on other sites More sharing options...
trq Posted May 16, 2011 Share Posted May 16, 2011 Your going to need to be allot more descriptive than that I'm afraid. The only thing that stands out to me is your use of the long ago deprecated session_register function, doesn't anyone look at the manual these days? Quote Link to comment https://forums.phpfreaks.com/topic/236529-md5-and-session-defining-problem/#findComment-1215967 Share on other sites More sharing options...
solidrichard Posted May 16, 2011 Author Share Posted May 16, 2011 Thanks ... My problem is I use $hash to check if the password and password in db for that user matching . But it doesnt working :/ Quote Link to comment https://forums.phpfreaks.com/topic/236529-md5-and-session-defining-problem/#findComment-1215969 Share on other sites More sharing options...
trq Posted May 16, 2011 Share Posted May 16, 2011 Please, read the 'How To Ask?' link in my signature. Quote Link to comment https://forums.phpfreaks.com/topic/236529-md5-and-session-defining-problem/#findComment-1215973 Share on other sites More sharing options...
anupamsaha Posted May 17, 2011 Share Posted May 17, 2011 Correct. session_register() is out dated. Use $_SESSION['your_variable'] = $value; instead Regarding your problem, try the following: $username=$_POST['username']; $password=$_POST['password']; $hash = md5(stripslashes($password)); $username = stripslashes($username); // Commented the following line. $hash is generated before the stripslahes is used //$password = stripslashes($password); This might help. Quote Link to comment https://forums.phpfreaks.com/topic/236529-md5-and-session-defining-problem/#findComment-1216468 Share on other sites More sharing options...
radi8 Posted May 17, 2011 Share Posted May 17, 2011 Also, inthe $sql2 string, you are passing the $password variable, whic is not the md5 value. Try passing in the $has value instead (just a guess since I would expect all passwords to be in the md5 format). Quote Link to comment https://forums.phpfreaks.com/topic/236529-md5-and-session-defining-problem/#findComment-1216601 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.