Mysql/Md5 whats wrong?

[spfoonnewb]

Hi,

I made this mysql/md5 script... the problem is that it always returns there is an error logging in. I created the password hash with the same function..

$md5pass = md5($password);

Is there a different way to pull it out?

[code]<?php

$link = mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("database") or die(mysql_error());

$username = $_POST["username"];
$password = $_POST["password"];

$username = ereg_replace("[^A-Za-z0-9]", "", $username);
//$password = ereg_replace("[^A-Za-z0-9]", "", $password);

$md5pass = md5($password);

if (!empty($username) && ($password)) {

$sql = ("SELECT * FROM test WHERE username = '$username' AND password = '$md5pass'");
$result = mysql_query($sql);

if($result){
if(mysql_num_rows($result) > 0) {

echo "Welcome back $username";
    echo "!";
 
} else {
   
echo "There was an error logging in";
   
    }
}
    }
else {
  echo "Please enter your username and/or your password.";
}

mysql_close($link);

?> [/code]

[Philip]

Make sure you have it set for 32 characters in the db :)

Try adding
echo $sql; after the sql statement if you have it set as 32 (or higher) varchar in the column info

[spfoonnewb]

[quote author=KingPhilip link=topic=123589.msg511053#msg511053 date=1169519202]
Make sure you have it set for 32 characters in the db :)
[/quote]

Haha, sadly that worked  ::)

It was set for 20, because initially I wasn't going to encrypt the passwords.


Thanks!  ;D