Ok, so i have a log in and a register script. Today i put a md5() encoding mechanism on it so it encodes the password when it is sent to the database. Now, how do i encode all of the passwords that were already inside the database? if anybody could help i would be extremely appreciative

Just run a query to update them:

UPDATE table SET password_column = MD5(password_column)

Don't forget to backup first, just in case...

it worked but now it wont let me or anybody else log in. Im using this script:

<?php
include'dbconnect.php';

$tbl_name="*******"; 

$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
$cleanpass=md5($mypassword);

$myusername = stripslashes($myusername);
$cleanpass = stripslashes($cleanpass);
$myusername = mysql_real_escape_string($myusername);
$cleanpass = mysql_real_escape_string($cleanpass);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$cleanpass'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);

if($count==1){
session_register("myusername");
session_register("mypassword");
header('location:memberspage.php');
}
else {
echo "Wrong Username or Password";
}
?>

What if you do

SELECT * FROM $tbl_name WHERE username='$myusername' and password=MD5('$mypassword')
Member Avatar

echo out the query:

echo $sql;

This will stop any header(), but that's ok for now.

Check the screen output. Copy the output and paste into the SQL (or Query) box in your fave MySQL GUI (e.g. phpMyAdmin, Navicat, SQLyog, etc). See what happens.

//EDIT

Hold on! Silly question, but are md5-ing twice? Once with php and then again with SQL? If so, you'll not get a match.

I do not understand your question or what u want me to do with the echo

Member Avatar

OK forget the duplicate md5, it wasn't working before pritaeas suggested the switch from php md5 to MySQL MD5. Anyway,

1. echo the query as I mentioned.
2. copy the output from the screen.
3. open phpmyadmin.
4. navigate to the 'SQL' pane.
5. paste the query from the clipboard to the pane.
6. press the 'go' button.
7. look at the results or any error message.