I made a login script which retrieves username and password from a database,
I can get it to work if the passwords in the database are not encrypted and
if I dont encrypt the password when it is entered, but if I encrypt the
password that has been entered and try to match with the encrypted one in
the database then it does not work, can anyone help me please, I have
included both the sources here.
Source with password not encrypted:
<?php
session_start();
require('db_connect.php');
$username = $_POST['username'];
$oldpass = $_POST['password'];
if(!$username) {
include 'login_nothing.php';
exit();
}
if(!$password) {
include 'login_nothing.php';
exit();
}
mysql_select_db('poweredge', $link);
$sql_query = mysql_query("SELECT * FROM users WHERE username = '$username'
AND password = '$oldpass'");
if(!$sql_query) {
echo "Fatal error";
exit();
}
$login_check = mysql_num_rows($sql_query);
echo "$login_check";
if($login_check == 0) {
include 'login_error.php';
exit();
}
if($login_check == 1) {
session_register('username');
session_register('password');
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("Location: memberspage.php");
}
?>
Source with password encrypted:
<?php
session_start();
require('db_connect.php');
$username = $_POST['username'];
$oldpass = $_POST['password'];
if(!$username) {
include 'login_nothing.php';
exit();
}
if(!$password) {
include 'login_nothing.php';
exit();
}
$password = md5($oldpass);
mysql_select_db('poweredge', $link);
$sql_query = mysql_query("SELECT * FROM users WHERE username = '$username'
AND password = '$password'");
if(!$sql_query) {
echo "Fatal error";
exit();
}
$login_check = mysql_num_rows($sql_query);
echo "$login_check";
if($login_check == 0) {
include 'login_error.php';
exit();
}
if($login_check == 1) {
session_register('username');
session_register('password');
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("Location: memberspage.php");
}
?>
