Odd problem with login script
 

I have a simple log in script that im making. I copied some code off of another login script that i made before (which works) but for some reason this one isnt working. Heres the code thats causing some problems:

[PHP]if($HTTP_POST_VARS['submit']){
$name = $HTTP_POST_VARS['name'];
$password = $HTTP_POST_VARS['password'];
$password = md5($password);

$sql1 = "SELECT * FROM users WHERE name='" . $name . "'";
$query = mysql_query($sql1);
$rows = mysql_fetch_array($query);

//username validator
if($rows['name'] == ''){
echo 'Username or password is incorrect.';

//password validator
}elseif($rows['password'] == $password){[/PHP]

It seems to be just the password validator that is the problem. When I take it out everything works fine, but as soon as i put it in it tells me that my password is incorrect even if i put the correct one in. Anyone know what the problem is?

hum. i would verify the password in the db is md5.

try using just $_POST['variable'] to pull the info.

aside, the actual elseif looks good. you might run into problems if you pull multiple rows, but if name is a unique variable that you've checked for, that's all good.

try it out, let me know how it goes...might be with something else in the code below the verification.

I thought that $HTTP_POST_VARS['variable']; was the exact same as $_POST?

I guess you could print out the query, then copy and paste your query in the sql command line to see the result. That might help you immidiately spot the error. If still not, try to var_dump( $rows ) before if statement.

Btw, since PHP 4.1 the prefered variable is using $_POST and $_GET, and in PHP 5, the long predefined PHP arrays like $HTTP_POST_VARS you used might be disabled. If you can verify your PHP version, that might help as well.

Ok well I found the error and fixed it. There was a conflict with magic quotes

glad you found it!