Issue has been resolved. Thank you to all whom posted and helped me out. The column type was to short (varchar(25)) - I extended it and was able to login. Everyone's comments were appreciated.
I am having some issues when I try to log in using a test account I created. I am trying to make my own CMS. Right now I have the register page complete and working on the login page. I have MD5'd the user's password on register. When I go to try and login using this account the hash generated on the login page NEVER matches the hash stored in my SQL database.
Here is my PHP code and MySQL query:
$username = mysql_real_escape_string($_REQUEST['username']);
$password = mysql_real_escape_string($_REQUEST['password']);
$query = mysql_query("SELECT username FROM records WHERE username='".$username."'") or die(mysql_error());
$result= mysql_fetch_array( $query );
if($result[0] == $username) {
$query = mysql_query("SELECT password FROM records WHERE username='".$username."'") or die(mysql_error());
$result = mysql_fetch_array( $query );
$passHash = md5($password);
echo "Hash: ".$passHash."<br/>";
echo "User's hash: ".$result[0];
if($result[0] == $passHash) {
echo "XXXXX: WIN";
}
else {
echo "fail";
}
I have an account called "alex" the MD5 that was generated on the register page is "1c13465e24d91aca4d3ddaa1b" the MD5 hash generated on the login page is "1c13465e24d91aca4d3ddaa1bc3e7027"
Here is my registration page code:
$username = mysql_real_escape_string($_REQUEST['username']);
$password = mysql_real_escape_string($_REQUEST['password']);
$md5_pass = md5($password);
mysql_real_escape_string(mysql_query("INSERT INTO records (username, password, ) VALUES('$username', '$md5_pass' ) ") or die(mysql_error()));
What am I doing wrong? I have been searching on here and looked at:
md5 hash login with php and mysql
but no luck. Any help is greatly appreciated!
