Their receiving the $plain_pass $plain_pass is md5'd on login submit, so we should get md5($plain_pass ) = db stored md5'd($plain_pass ).
Makes no sense at all. Got a couple hundred emails in my inbox from users not able to login -- I'm basically screwed ;--( --Noah "Curt Zirzow" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > * Thus wrote CF High ([EMAIL PROTECTED]): > > > > $username = strip_illegals($_POST['email']); > > $plain_pass = rand(); > > $password = md5($plain_pass); > > > > I then insert their login info into our member's table. > > > > Unexpectedly, when users attempt to login no matching record is found. > > Are you sending them the $plain_pass or $password? > > > Their login submits two post fields (username & password): > > > > $username = trim(strtolower($_POST['username'])); > > $password = trim(strtolower($_POST['password')); > > $password = md5($password); > > > > The username matches, but the password does not -- I've echoed the md5'd > > submitted password & maddenlingly, it doesn't match. > > Other wise I'm reading this to say your system is evaluating > > md5('foo') != md5('foo') > > as being true. > > > Curt > -- > "I used to think I was indecisive, but now I'm not so sure." -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
