* Thus wrote CF High ([EMAIL PROTECTED]):
>
> $username = strip_illegals($_POST['email']);
> $plain_pass = rand();
> $password = md5($plain_pass);
>
> I then insert their login info into our member's table.
>
> Unexpectedly, when users attempt to login no matching record is found.
Are you sending them the $plain_pass or $password?
> Their login submits two post fields (username & password):
>
> $username = trim(strtolower($_POST['username']));
> $password = trim(strtolower($_POST['password'));
> $password = md5($password);
>
> The username matches, but the password does not -- I've echoed the md5'd
> submitted password & maddenlingly, it doesn't match.
Other wise I'm reading this to say your system is evaluating
md5('foo') != md5('foo')
as being true.
Curt
--
"I used to think I was indecisive, but now I'm not so sure."
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
