Password Validation Not Working (Redeux)
Posted: Thu Jul 09, 2009 2:26 pm
I've been trying for a week to figure out why the following isn't recognizing the md5() password in MySQL
If I remove the md5() encryption, it recognizes the password without a problem. What should be happening is that if the username and password are verified the record should UPDATE. If not, INSERT a new record. Instead, it's creating a new record every time even though the md5() password is identical to previous records (ie first entry INSERTed md5() password:"0cc175b9c0f1b6a831c399e2697726" next entry supposed to UPDATE has md5() password: "0cc175b9c0f1b6a831c399e2697726" but still creates a new record). FYI, I've tried sha1() and crypt() with same results. I've tested locally on MAMP and uploaded to www - same results.
Suggestions????
Thanks
sleepydad
Code: Select all
$username=$_POST['username'];
$password=$_POST['pword'];
$db=new mysqli('localhost', 'root', 'password', 'db_name');
$query="select * from `addresses` where `username` = '$username' and `password` = '".md5($password)."'";
$result=$db->query($query);
$numRows=$result->num_rows;
if ($numRows > 0) {
$row=$result->fetch_assoc();
$useID=$row['id'];
$query="update `addresses` set `username`='duplicate' where `id`='$useID'";
} else {
$query="insert into `addresses`(username, password) values ('".$username."', '".md5($password)."')";
}
$result=$db->query($query);
Suggestions????
Thanks
sleepydad