could it be that the field in the database is of type varchar(25) ? looks like it's too small to hold the complete hash: that one always consists of 32 characters.
Thursday, April 8, 2004, 6:35:47 AM, you wrote: > hello, > I have a database containing usernames and md5 encrypted passwords. > When i use md5() to encrypt a users password recived via a form > to compare to the md5ed passwd in the database i get problems... > for instance ... > user foo has passwd 'pass' > 'pass' md5ed in database is this > 1a1dc91c907325c69271ddf0c > i got this using phps md5. > Then ... when i md5 a pass i recieve later to compare > for a login the password 'pass' comes up like this... > 1a1dc91c907325c69271ddf0c944bc72 > they are the same except the trailing 944bc72 > this happens when i try other password too. > here is the code that is giving me the problems... > function auth(){ > $user = $_POST['user']; > $pass = rtrim($_POST['pass']); // i added this trying to fix :( > $pass = md5($pass); > $query = "select password from dealers where username = '$user'"; > $result = $this->sqlQuery($query); > if(!$result){ > echo "Sorry there was a error, please try again later.\n"; > } > else{ > $thePass = mysql_fetch_array($result); > if($thePass[0]){ > if(strcmp( $pass , $thePass[0]) == 0){ > echo "match\n"; > } > else{ > echo "pass = $pass <br>"; // from from > echo "hash = $thePass[0]"; // from db > } > } > else{ > $this->logonPage(1); > } > } > } > can some one tell me what im doing wrong > thanks, > [EMAIL PROTECTED] > "Bad spellers of the world untie!" -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php