Page 1 of 1

Having difficulties with the MD5 function

Posted: Fri Sep 03, 2010 8:46 pm
by nodnil
Hi,

I am trying to create a login script. From my register page, the password is md5 encrypted and I can see that is via the database browse function. I then have a login form and this is the code for my process login page:

Code: Select all

<?php

include("config.php");
//Retrieves nickname and password fields from login.php and puts them into variables $nickname and $password
$nickname = $_POST['nickname'];
$password = md5($_POST['password']);

//Counts the number of rows where $nickname and $password are in the database. If the password matches the nickname, this value should be 1. Puts this value into $count variable
$sql = "SELECT * FROM medieval WHERE nickname = '$nickname' AND password = '$password'";

$query = mysql_query($sql);
$count = mysql_num_rows($query);
$time = time()+ 3600;

//If count == 1, sets cookie
if($count == 1)
{
	setcookie(nickname, $_POST['nickname'], $time);
}
?>
However, if I print $count, it returns 0, not 1. This is driving me insane. Any ideas why this wouldn't be working? THanks

Re: Having difficulties with the MD5 function

Posted: Fri Sep 03, 2010 9:18 pm
by Jonah Bron
Welcome to PHPDN!

Try removing the " AND password = '$password'" part (just temporarily for debugging).

Re: Having difficulties with the MD5 function

Posted: Fri Sep 03, 2010 9:27 pm
by nodnil
Thankyou and thankyou for your reply.

Yes it works if I remove that piece of the query. It also works if I use plain text passwords and remove the md5 function from $password = md5($_POST['password']);

So I think the code I have works ok, just apart from the md5 function...

Re: Having difficulties with the MD5 function

Posted: Fri Sep 03, 2010 9:31 pm
by Jonah Bron
Sounds like you forgot to run md5 on the password before putting it into the DB in the first place.

Run this SQL command (warning, only run it once or you'll blow everything up).

Code: Select all

UPDATE medieval SET password = md5(password);

Re: Having difficulties with the MD5 function

Posted: Fri Sep 03, 2010 9:36 pm
by nodnil
Thank-you. I had run that but I did find the problem though. I hadn't made the length of the column long enough (had it set to only allow 20 characters) so not all of the md5 hash was being inserted into the database. Nonetheless, thankyou for your help. Greatly appreciated!

Re: Having difficulties with the MD5 function

Posted: Fri Sep 03, 2010 9:56 pm
by Jonah Bron

Code: Select all

ALTER TABLE medieval MODIFY password CHAR(32)
That will fix that problem.

Re: Having difficulties with the MD5 function

Posted: Sat Sep 04, 2010 8:11 pm
by Jonah Bron
Yes, after this, you should md5() the password before putting it into the DB.