Menu
I have a form in which I am taking username and password from user,
and I am converting the password to md5. Then I insert it into database. In user login form, I take the password and convert it to md5. Then I compare both passwords. It matches in some condition but fails if password = p@$$w0rd.
What is the issue ? And what is the solution for this issue?
From my form to database password of p@$$w0rd to md5 is b7463760284fd06773ac2a48e29b0acf and from login form it is e22bb24ca616331cb92a48b712034bc3
Code from registration form
$password = trim($_POST['password']);
$dpassword = md5($password);
And from login form
$passwd = md5($password);
$sql = mysql_query("select * from create_dealer where (dealer_email='$user' && password='$passwd')");
374
The problem is with quotes.
echo md5('p@$$w0rd');// echoes b7463760284fd06773ac2a48e29b0acf
echo md5("p@$$w0rd");// echoes e22bb24ca616331cb92a48b712034bc3
When you use double quotes, $w0rd is considers as an undefined variable and replaced with an empty string.
echo md5("p@$");// echoes e22bb24ca616331cb92a48b712034bc3
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
