0

Hi,

I'm not sure if this shpould be in PHP or here so apologies if I'm in the wrong place.

I'm trying to encrypt a password and insert it into my database along with other data. Everything works when I remove the md5 password encryption. It doesn't work when I use it.

Here's the code with the relevant two lines in red:

<?php require_once("includes/connection.php") ?>
<?php require_once("includes/functions.php") ?>
<?php
if(
    isset( $_POST['title'] )
    &&
    isset( $_POST['forename'] )
     &&
    isset( $_POST['surname'] )
     &&
    isset( $_POST['dob'] )
     &&
    isset( $_POST['add1'] )
     &&
    isset( $_POST['add2'] )
     &&
    isset( $_POST['add3'] )
     &&
    isset( $_POST['city'] )
     &&
    isset( $_POST['county'] )
     &&
    isset( $_POST['postcode'] )
     &&
    isset( $_POST['phone'] )
     &&
    isset( $_POST['mobile'] )
     &&
    isset( $_POST['email'] )
     &&
    isset( $_POST['pass1'] )
    &&
    isset( $_POST['pass2'] )
)
{
    if( $_POST['pass1'] != $_POST['pass2'] )
    {
        echo "Passwords do not match.";
    }
    elseif( strlen( $_POST['email'] == $_POST['pass2'] ) )
    {
        echo "Password cannot be the same as your email address.";
    }
    elseif( $_POST['email'] == $_POST['pass1'] )
    {
        echo "Password cannot be the same as your email address.";
    }
    else
    {


        $title = mysql_real_escape_string( $_POST['title'] );
        $forename = mysql_real_escape_string( $_POST['forename'] );
        $surname = mysql_real_escape_string( $_POST['surname'] );
        $dob = mysql_real_escape_string( $_POST['dob'] );
        $add1 = mysql_real_escape_string( $_POST['add1'] );
        $add2 = mysql_real_escape_string( $_POST['add2'] );
        $add3 = mysql_real_escape_string( $_POST['add3'] );
        $city = mysql_real_escape_string( $_POST['city'] );
        $county = mysql_real_escape_string( $_POST['county'] );
        $postcode = mysql_real_escape_string( $_POST['postcode'] );
        $phone = mysql_real_escape_string( $_POST['phone'] );
        $mobile = mysql_real_escape_string( $_POST['mobile'] );
        $email = mysql_real_escape_string( $_POST['email'] );
[B]        $password = md5( $_POST['pass1'] );[/B]


        //check email address for duplication in database
        $query = "SELECT email FROM customer WHERE email = '". $email ."'";


        if( mysql_num_rows( mysql_query( $query ) ) == 0 )
        {
            $do_reg = "INSERT INTO customer
                           ( cust_id, title, forename, surname, dob,
                            address1, address2, address3, city, county,
                            postcode, telephone, mobile, email, password )
                           VALUES(
                        '',
                        '". $title ."',
                        '". $forename ."',
                        '". $surname ."',
                        '". $dob ."',
                        '". $add1 ."',
                        '". $add2 ."',
                        '". $add3 ."',
                        '". $city ."',
                        '". $county ."',
                        '". $postcode ."',
                        '". $phone ."',
                        '". $mobile ."',
                        '". $email ."',
[B]'". $password ."'[/B]
			)";

            if( !mysql_query( $do_reg ) )
            {
                echo "Registration failed.  Unknown error.";
            }
            else
            {
                echo "Thank you for registering.  Please proceed to log in.";
                $formUsername = $email;

                header ('location: index.php');
            }
        }
        else
        {
            echo "The email address is already registered.";
            $formUsername = $email;
        }
    }
}
else
{
    echo "Please complete your information before registering.";
}
?>

Thanks for any help!

1
Contributor
1
Reply
2
Views
8 Years
Discussion Span
Last Post by Roybut
This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.