login page problem

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
pleigh
Forum Contributor
Posts: 445
Joined: Wed Jan 19, 2005 4:26 am

login page problem

Post by pleigh »

hello,

i have a registration page to allow user to register to the mysql database, i already can encrypt the password using md5() function...now, the problem is, during login (in the login page), i cannot access the password using the same function md5().

can anybody help me with this concern??

thanks

pleigh
User avatar
neophyte
DevNet Resident
Posts: 1537
Joined: Tue Jan 20, 2004 4:58 pm
Location: Minnesota

Post by neophyte »

Compare md5() passwords. So you take the password stored in mysql and compare it to md5($_POST['password'])

Code: Select all

if ($password == md5($_POSTї'password']))
{

////Set session or what have you...

}
User avatar
pleigh
Forum Contributor
Posts: 445
Joined: Wed Jan 19, 2005 4:26 am

Post by pleigh »

thanks neophyte, below is my code, hope u can modify it...or anyone in the forum can share...thanks again..

this is for the login page:

Code: Select all

//verify password
if (empty($_POSTї'password'])) 
{
$pw = FALSE;
$message .= 'Please enter your password!<br>';
&#125; 
else 
&#123;
$pw = stripslashes($_POST&#1111;'password']);
&#125;
						
//if username and password OK...
if ($un && $pw) 
&#123;
$query = "SELECT userID, firstname FROM users WHERE username='$un' AND password=md5('$pw')";		
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM); 
if ($row) 
&#123; 									
$_SESSION&#1111;'firstname'] = $row&#1111;1];
$_SESSION&#1111;'userID'] = $row&#1111;0];
header ("Location:  http://" . $_SERVER&#1111;'HTTP_HOST'] . dirname($_SERVER&#1111;'PHP_SELF']) . "/template.php");
exit();				
&#125; 
else 
&#123;
$message = 'The username and password entered do not match.<br>'; 
&#125;
and this is for my registration page:

Code: Select all

//validate password
if (empty($_POST&#1111;'password1']))
&#123;
$pw = FALSE;
$message .= 'Enter your password!<br>';
&#125;
else
&#123;
if ($_POST&#1111;'password1'] == $_POST&#1111;'password2'])
&#123;
$pw = $_POST&#1111;'password1'];
&#125;
else
&#123;
echo 'Your password did not match the confirmed password!<br>';
&#125;
&#125;

if ($fn && $ln && $un && $pw && $e)
&#123;
$query = "INSERT INTO users(firstname, lastname, username, password, email)
values('$fn','$ln','$un', md5('$pw'), '$e')";
$result = @mysql_query($query);
		
if ($result)
&#123;
echo '<b>You have been registered</b><br>';
exit();
&#125;
else
&#123;
$message = 'You could not be registered due to system error.<br>'.mysql_error();
&#125;
Post Reply