我设置注册。php密码md5加密,它工作正常,当我检查它在phpmyadmin,但当我应用md5登录。php它不匹配密码?它说密码总是错误,可能是语法,但无法弄清楚…
signup.php
if (isset($_POST['user']))
{
$user = sanitizeString($_POST['user']);
$pass = sanitizeString($_POST['pass']);
if ($user == "" || $pass == "")
$error = "Not all fields were entered<br /><br />";
else
{
if (mysql_num_rows(queryMysql("SELECT * FROM members
WHERE user='$user'")))
$error = "That username already exists<br /><br />";
else
{
queryMysql("INSERT INTO members VALUES('$user', '".md5('$pass')."')");
die("<h4>Account created</h4>Please Log in.<br /><br />");
}
}
}
login。
if(isset($_POST['user'])) {
$user = sanitizeString($_POST['user']);
$pass = sanitizeString($_POST['pass']);
if ($user == "" || $pass == "") {
$error = "Not all fields were entered<br />";
} else {
$query = "SELECT user,pass FROM members WHERE user = '$user' AND pass = '''".md5('$pass').'"''";
if(mysql_num_rows(queryMysql($query)) == 0) {
$error = "<span class='error'>Username/Password invalid</span><br /><br />";
} else {
$_SESSION['user'] = $user;
$_SESSION['pass'] = $pass;
die("You are now logged in. Please <a href='society.php?view=$user'>" .
"click here</a> to continue.<br /><br />");
}
}
}
我认为有问题的部分是来自
的md5('$pass')
queryMysql("INSERT INTO members VALUES('$user', '".md5('$pass')."')");
因为你有一个未插入的字符串-试试:
queryMysql("INSERT INTO members VALUES('$user', '".md5($pass)."')");