Hi i have this login script which works. it will work for passwords that i have directly entered into the database through phpmyadmin but wont login for the passwords that i have entered through the registeration script for which i have used md5. Understandable !
But as soon as i put md5 for the password field(as commented out below) in the loginscript, it takes me straight to the relogin page. As in it wont recognise the incripted passwords i am putting in, i have checked them against my paperwork as i wrote them down thinking i might forget and they are correct ones i am entering.
When i am typing the password it is coming up in plain text instead of *****.
This is part of a project i would really really appreciate any help.
<?php
$host="localhost"; // Host name
$usernamee="*****"; // Mysql username
$passwordd="*****"; // Mysql password
$db_name="sportscentre"; // Database name
$tbl_name="registration"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$usernamee", "$passwordd")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// username and password sent from form
$username=$_POST['username'];
$password = ($_POST['password']);
//$password = md5($_POST['password']);
// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql) or die ("Query failed: " . mysql_error());;
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
include 'member_login_success.php';
}
else {
//echo "Wrong Username or Password";
include 'relogin_member.php';
}
?>