MD5 hash validation failing for unknown reason in PHP

Posted by Sennheiser on Stack Overflow See other posts from Stack Overflow or by Sennheiser
Published on 2011-02-20T23:21:44Z Indexed on 2011/02/20 23:25 UTC
Read the original article Hit count: 234

Filed under:
|
|
|

I'm writing a login form, and it converts the given password to an MD5 hash with md5($password), then matches it to an already-hashed record in my database. I know for sure that the database record is correct in this case. However, it doesn't log me in and claims the password is incorrect.

Here's my code:

$password = mysql_real_escape_string($_POST["password"]);
...more code...
$passwordQuery = mysql_fetch_row(mysql_query(("SELECT password FROM users WHERE email = '$userEmail'")));
...some code...
elseif(md5($password) != $passwordQuery)
{
    $_SESSION["noPass"] = "That password is incorrect.";
}
...more code after...

I tried pulling just the value of md5($password) and that matched up when I visually compared it. However, I can't get the comparison to work in PHP. Perhaps it is because the MySQL record is stored as text, and the MD5 is something else?

© Stack Overflow or respective owner

Related posts about php

Related posts about sql