I have this following if-case, but I can't get it to work properly.
I have a database that stores md5 encrypted passwords as varchar.
I let the user enter his/her password and username in a form and send it to php the normal way.
$nickName = $_POST['User'];
$pass = $_POST['Pass'];
[...]
$value = mysql_fetch_array($result);
//i assume strcmp returning 0
if(!(strcmp($value,md5($pass)))) {
echo "Willkommen, " . $nickName;
} else {
echo "Passwoerter stimmen nicht ueberein!";
}
Let me add the fact I also tried out various statements like
if(strcmp($value,md5($pass)) == 0) and $value == md5($pass).
My clue is I have to cast the from $value returned value somehow. Maybe something like a parseInt (afaik md5 is Integer) to change the value I got from the database to int.
mysql_fetch_array, does what it says fetches an array, you are trying to do a string compare on an array you probably want something like $value['password']
if(!(strcmp($value['password'],md5($pass))))
{
echo "Willkommen, " . $nickName;
}
else
{
echo "Passwoerter stimmen nicht ueberein!";
}
and of course think about using mysqli as mysql is deprecated