then my login script md5s the given password and checks to see if it matches the value in the database
however my values are not matching, can someone tell me why?
Here is my join code which inserts the value into the database
Code: Select all
$password = mysql_real_escape_string(strip_tags($_POST['password']));
$password3 = md5($password);
$sql4 = "INSERT INTO users (username, password, email, acode, timesignedup, activated) VALUES('$lowerusername', '$password3', '$email', '$acode', '$timesignedup', 'n')";Code: Select all
$uname = strtolower(mysql_real_escape_string(strip_tags($_POST['username'])));
$password = md5(mysql_real_escape_string(strip_tags($_POST['password'])));
$query = "SELECT * FROM users WHERE username = '$uname' AND password = '$password'";These two values are almost identical with the exception that e54568a is appended to the md5()'d password posted from the login form. This makes me think that an additional character or two is inserted into the validation script when executing.