I’m trying to compare the value of the password stored in the database (which

Question

0

Asked: May 26, 20262026-05-26T17:07:53+00:00 2026-05-26T17:07:53+00:00

I’m trying to compare the value of the password stored in the database (which

0

I’m trying to compare the value of the password stored in the database (which is done by md5($mypassword)), but every time I enter a different password than what is in the DB it still allows me to auth the user… I’ve tried:

$rslt['password'] = md5($mypassword)
$rslt['password'] == md5($mypassword)
$rslt['password'] === md5($mypassword)

but neither of them seem to work.

a snippet of the code is below:

if((mysql_num_rows($qry)==1)&&($rslt['username']==$myusername)&&($rslt['password'] == md5($mypassword)))
    {
    echo $rslt['username'];
    echo $myusername;
    echo $rslt['password'];
    echo md5($mypassword);
    //$expire=time()+60*60*24*30;
    //$_SESSION['user'] = $rslt['username'];
    //header("location: ../acct_beta.php");
    }

any ideas would be helpful. thanks 😀

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T17:07:54+00:00

Editorial Team

2026-05-26T17:07:54+00:00Added an answer on May 26, 2026 at 5:07 pm

You could turn the logic around a bit and let mysql do the comparison by using

select count(*) from <table> where username = @username and password = MD5(@password)

If the count > 0 then it’s authenticated.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m trying to compare the value of the password stored in the database (which

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply