could it be that the field in the database is of type
varchar(25) ?
looks like it's too small to hold the complete hash: that one always
consists of 32 characters.
Thursday, April 8, 2004, 6:35:47 AM, you wrote:
> hello,
> I have a database containing usernames and md5 encrypted passwords.
> When i use md5() to encrypt a users password recived via a form
> to compare to the md5ed passwd in the database i get problems...
> for instance ...
> user foo has passwd 'pass'
> 'pass' md5ed in database is this
> 1a1dc91c907325c69271ddf0c
> i got this using phps md5.
> Then ... when i md5 a pass i recieve later to compare
> for a login the password 'pass' comes up like this...
> 1a1dc91c907325c69271ddf0c944bc72
> they are the same except the trailing 944bc72
> this happens when i try other password too.
> here is the code that is giving me the problems...
> function auth(){
> $user = $_POST['user'];
> $pass = rtrim($_POST['pass']); // i added this trying to fix :(
> $pass = md5($pass);
> $query = "select password from dealers where username = '$user'";
> $result = $this->sqlQuery($query);
> if(!$result){
> echo "Sorry there was a error, please try again later.\n";
> }
> else{
> $thePass = mysql_fetch_array($result);
> if($thePass[0]){
> if(strcmp( $pass , $thePass[0]) == 0){
> echo "match\n";
> }
> else{
> echo "pass = $pass <br>"; // from from
> echo "hash = $thePass[0]"; // from db
> }
> }
> else{
> $this->logonPage(1);
> }
> }
> }
> can some one tell me what im doing wrong
> thanks,
> [EMAIL PROTECTED]
> "Bad spellers of the world untie!"
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
