MD5 hash validation failing for unknown reason in PHP
Posted
by
Sennheiser
on Stack Overflow
See other posts from Stack Overflow
or by Sennheiser
Published on 2011-02-20T23:21:44Z
Indexed on
2011/02/20
23:25 UTC
Read the original article
Hit count: 234
I'm writing a login form, and it converts the given password to an MD5 hash with md5($password)
, then matches it to an already-hashed record in my database. I know for sure that the database record is correct in this case. However, it doesn't log me in and claims the password is incorrect.
Here's my code:
$password = mysql_real_escape_string($_POST["password"]);
...more code...
$passwordQuery = mysql_fetch_row(mysql_query(("SELECT password FROM users WHERE email = '$userEmail'")));
...some code...
elseif(md5($password) != $passwordQuery)
{
$_SESSION["noPass"] = "That password is incorrect.";
}
...more code after...
I tried pulling just the value of md5($password) and that matched up when I visually compared it. However, I can't get the comparison to work in PHP. Perhaps it is because the MySQL record is stored as text, and the MD5 is something else?
© Stack Overflow or respective owner