MD5 problems

[Louth]

Could anybody help with this md5 problem because it's driving me crazy. The following line takes input from a form and enters it into the database like so

@mysql_query("UPDATE db_ulp SET login='$name', password=md5('$pwd') where login='$user'");

In the form the field looks like this:

<tr>
<td><input name=pwd type=text> * </td>
</tr>

Then in the login screen I have the following code:

$_POST['user'] = addslashes($_POST['user']);
$_POST['pass'] = md5($_POST['pass']);

$result = mysql_query("SELECT count(user_id) FROM db_ulp WHERE password='$_POST[pass]' AND login='$_POST[user]'") or die("Couldn't query the user-database.");
$num = mysql_result($result, 0);

if (!$num) {

// When the query didn't return anything,
// display the login form.

echo "<h3>User Login</h3>
<form action='$_SERVER[PHP_SELF]' method='post'>
Username: <input type='text' name='user'><br>
Password: <input type='password' name='pass'><br><br>
<input type='submit' value='Login'>
</form>";

} else {

// Start the login session
session_start();

// We've already added slashes and MD5'd the password
$_SESSION['user'] = $_POST['user'];
$_SESSION['pass'] = $_POST['pass'];

// All output text below this line will be displayed
// to the users that are authenticated. Since no text
// has been output yet, you could also use redirect
// the user to the next page using the header() function.
header('Location: main.php');
}

The passwords are being entered in the database but when I enter them in the login screen they won't verify. Can somebody please help me with this because it's driving me cracked

 

[Chacalinc]

Could you change:

$_POST['user'] = addslashes($_POST['user']);
$_POST['pass'] = md5($_POST['pass']);

$result = mysql_query("SELECT count(user_id) FROM db_ulp WHERE password='$_POST[pass]' AND login='$_POST[user]'") or die("Couldn't query the user-database.");
$num = mysql_result($result, 0);

with:

$user_ = addslashes($_POST['user']);
$pass_ = md5($_POST['pass']);

$result = mysql_query("SELECT count(user_id) FROM db_ulp WHERE password='$pass_' AND login='$user_'") or die("Couldn't query the user-database.");
$num = mysql_result($result, 0);

now, if you issue the select with the same values -directly to mysql- does it work?

Cheers.

 

[skiflyer]

Well, some basic debugging advice.

If it returns nothing, then output the query so you can run it against the server and see what happens.

Then... did you add those same slashes to the password before you md5()'d it the first time? If not they'll have different results.

But to solve your problem, output your query to the screen and run it against the server.... or get some phpMyAdmin up and running.

On possibility though, including arrays in a string is generally a bad idea... I would change

echo "SELECT count(user_id) FROM db_ulp WHERE password='$_POST[pass]' AND login='$_POST[user]'";

to 

echo "SELECT count(user_id) FROM db_ulp WHERE password='".$_POST['pass']."' AND login='".$_POST['user']."'";

Then... just plain programming advice...

$num = mysql_result($result, 0); 
if (!$num) {

Should really read...

$num = mysql_result($result, 0);
if ($num == 0) {

Because it's not actually false, it's 0 that bugs you in this case.