开发者

MD5 hash validation failing for unknown reason in PHP

开发者 https://www.devze.com 2023-02-12 01:27 出处:网络
I\'m writing a login form, and it converts the given password to an MD5 hash with md5($password), then matches it to an already-hashed record in my database. I know for sure that the database record i

I'm writing a login form, and it converts the given password to an MD5 hash with md5($password), then matches it to an already-hashed record in my database. I know for sure that the database record is correct in this case. However, it doesn't log me in and claims the password is incorrect.

Here's my code:

$password = mysql_real_escape_string($_POST["password"]);
...more code...
$passwordQuery = mysql_fetch_row(mysql_query(("SELECT password FROM users WHERE email = '$userEmail'")));
...some code...
elseif(md5($password) != $passwordQuery)
{
    $_SESSION["noPass"] = "That password is incorrect.";
}
...more code after...

I tried pulling just the value of md5($password) and that matched up when I visually compared it. However, I can't get the comparison to work i开发者_开发技巧n PHP. Perhaps it is because the MySQL record is stored as text, and the MD5 is something else?


$passwordQuery contains and array with the hash, and not just the hash.

Instead of

elseif(md5($password) != $passwordQuery)

try

elseif(md5($password) != $passwordQuery[0])


It looks to me like you're comparing a string (the result from $_POST) with an array (the result of mysql_fetch_row). You'll probably want something like:

if (md5($password) != $passwordQuery['password') {
   ....
}
0

精彩评论

暂无评论...
验证码 换一张
取 消