hi...
trying to figure out what is wrong here... the code is supposed to check an md5'd
password from a form and compare it against an md5'd password in a mysql table... for
some strange reason when i run the code below on my dev server (apache 2.0.47,
php4.3.3 and mysql 4.1-A) it works. when i run it on the live site (apache 1.0.3.2,
php 4.1.2 and mysql 3.22.5.6) it wont work and for that matter wont even return an
error!
if i swap out the "select" statement that compares passwords and try it manually on
both servers exactly as the script says then it works in both places....
can anybody help??
[code]
#my sql users table
CREATE TABLE users (
username varchar(20) default NULL,
PWD varchar(40) binary NULL
) TYPE=MyISAM;
#end of table
<?
//login.php checks username and pwd...
session_start();//have to start session
include("libs/db.php");
mysql_connect($host, $mysqluser, $mysqlpwd)||die();
mysql_query("select * from rnjresort.users where username='$username' and
pwd=md5($password)");
//see if user exists..
if(mysql_affected_rows()==0){
//ok it didnt work so go to login screen again...
echo "<h1>your login failed</h1>";
include("login.html");
exit(); //exit()? why not just exit;?
} else {
//ok now it found the right person so lets rock...
$_SESSION[username]=$username;//we will only register username to keep it simple for
now
//now lets redirect to the admin page...
ob_start(); //have no choice to use it...
header("location: deletepost.php");//page that requires a login...
ob_flush();
}
?>
[/code]
but on the other hand if i run this command in the server itself:
select * from rnjresort.users where username='root' and pwd=md5(8104235982);
i get a valid answer....
help!!
