Password Validation Not Working (Redeux)

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
sleepydad
Forum Commoner
Posts: 75
Joined: Thu Feb 21, 2008 2:16 pm

Password Validation Not Working (Redeux)

Post by sleepydad »

I've been trying for a week to figure out why the following isn't recognizing the md5() password in MySQL

Code: Select all

 
$username=$_POST['username'];
$password=$_POST['pword'];
 
$db=new mysqli('localhost', 'root', 'password', 'db_name');
 
$query="select * from `addresses` where `username` = '$username' and `password` = '".md5($password)."'";
$result=$db->query($query);
$numRows=$result->num_rows;
 
if ($numRows > 0) {
$row=$result->fetch_assoc();
$useID=$row['id'];
$query="update `addresses` set `username`='duplicate' where `id`='$useID'";
} else {
$query="insert into `addresses`(username, password) values ('".$username."', '".md5($password)."')";
}
$result=$db->query($query);
 
If I remove the md5() encryption, it recognizes the password without a problem. What should be happening is that if the username and password are verified the record should UPDATE. If not, INSERT a new record. Instead, it's creating a new record every time even though the md5() password is identical to previous records (ie first entry INSERTed md5() password:"0cc175b9c0f1b6a831c399e2697726" next entry supposed to UPDATE has md5() password: "0cc175b9c0f1b6a831c399e2697726" but still creates a new record). FYI, I've tried sha1() and crypt() with same results. I've tested locally on MAMP and uploaded to www - same results.

Suggestions????

Thanks
sleepydad
sleepydad
Forum Commoner
Posts: 75
Joined: Thu Feb 21, 2008 2:16 pm

Figured it out!

Post by sleepydad »

Yip-skip! It wasn't my PHP afterall. It was in MySQL. I had it set to VARCHAR(30) which apparently wasn't large enough to hold the entire encrypted password. I opened it up to VARCHAR(40) and it works now.

Life is good once again.
Post Reply