Hey

Can anyone help me?
I am trying to make the login change the password to MD5 as the database is MD5 but it keeps saying 'Login Incorrect'... but its right.... :confused:

Here is the php

<?php
if($_GET['action'] == "login"){
require('connect.php');
// Get Data
if ($_POST['username']) {
$username = $_POST['username'];
$passwrd = $_POST['passwrd'];
// Change password to MD5
$passwordmd5 = md5($passwrd);
// Check if anything missing?
if ($passwrd == NULL) {
echo "<center><b>A password was not supplied<br><a href='javascript: history.go(-1)'>Go Back?</a></b></center><p>";
}else{
$query = mysql_query("SELECT username,passwrd FROM users WHERE username = '$username'") or die(mysql_error());
$data = mysql_fetch_array($query);
if($data['passwrd'] != $passwordmd5) {
echo "<center><b>The supplied login is incorrect<br><a href='javascript: history.go(-1)'>Go Back?</a></b></center><p>";
}else{
$query = mysql_query("SELECT username,passwrd,rank,email FROM users WHERE username = '$username'") or die(mysql_error());
$row = mysql_fetch_array($query);
session_start();
$_SESSION["users"] = TRUE;
$_SESSION["username"] = $row['username'];
$_SESSION["passwrd"] = $row['passwrd'];
$_SESSION["email"] = $row['email'];
$_SESSION["rank"] = $row['rank'];
echo "<META HTTP-EQUIV=\"refresh\" CONTENT=\"0; URL=home.php\">";
}
}
}
}
?>

Danny

This should work:


<?php
if($_GET['action'] == "login"){
require('connect.php');

if (!isset($_POST['username']) || !isset($_POST['passwrd']) || empty($_POST['username']) || empty($_POST['passwrd'])) {
echo 'Username or password missing!';
exit();
}

$username = mysql_real_escape_string($_POST['username']);
$passwrd = $_POST['passwrd'];

// Change password to MD5
$hash = md5($passwrd);

$query = mysql_query("SELECT username,passwrd FROM cn_admin WHERE username = '$username' AND passwrd = '$hash'");
if($query && mysql_num_rows($query) == 1) {
echo 'Valid Login';
}
else {
echo 'Invalid Login';
}
}
?>