When I try to login an error of "Password is incorrect" is shown. But I know it's correct as it's on my server. Below is the registration form which interacts with the login mechanism on the server
Here is my code
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<td>
<form name="form1" method="post" action=
"%3C?php%20echo%20$_SERVER['PHP_SELF'];%20?%3E" id="form1">
<table width="100%" border="0" cellpadding="3" cellspacing="1">
<tr>
<td colspan="3"><strong>Member Login</strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id=
"myusername" /></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="password" id="mypassword" /></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login" /></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td>
<?php include( 'config.php'); // makes sure they filled it in if (isset($_POST[ 'Submit'])){ $username=$ _POST[ 'myusername']; $password=$ _POST[ 'mypassword']; $md5_pw=m d5($password); if($username==" " || $password=="" ) { echo( 'You did not fill in a required field.'); } else{ $query=m ysql_query( "SELECT *FROM admin
WHERE user_name = '$username' ")or die(mysql_error()); $query2=m ysql_num_rows($query); if ($query2==0 ) { echo( "That user does not exist in our database. <a href=signup.php>Click Here to Register</a>"); } while($result=m ysql_fetch_array( $query )){ if($md5_pw !=$ result[ 'password']) { echo ( "incorrect password"); } else { session_start(); header( "Location: home.php"); } } } } ?></td>
</tr>
</table>
</form>
</td>
</tr>
</table>
</body>
</html>
Can you please help me identify the error(s)?
