Now that that's fixed, my issue is that the passwords I saved are encrypted, and I can't seem to find a way to make them match up.
I was using:
if($row['password'] == hash('encryptiontype','$_POST[pass]')){ #some login stuff... #apologies for not divulging what type of encryption I'm using. I read some articles on security that said to be #paranoid, and I'll be damned if I ignore that. :P/> }
But now that I realized I screwed up, and whereas I thought it was working, it turns out now that it's fixed, it isn't working at all. In this particular situation, there are two conditions that tell how to set the cookies, which means I need an if, elseif, else->die.
Then I have situation two, where I have a change password script. This is what I've got:
$prepassword = mysql_real_escape_string($_POST['password']); $password = hash('encryptiontype','$prepassword'); #another if statement while($row = mysql_fetch_array($result)) { if($password != $row['password']){ echo "<font style='color:white'>The password entered did not match our database.</font>"; }else{ mysql_query("UPDATE user SET password = '$newpass' WHERE username = '$user'"); echo "<font style='color:white'>Password successfully changed.</font>"; } }
(After looking over this code to figure out what bits needed posted, I realized that I wasn't encrypting the new passwords before being saved. Oops. Guess it's a good thing it's not WAI yet.

I mean, I don't know what's wrong. It could be something as simple as not using stripslashes before checking it against the database, or it could be something more complex that I'm totally missing.
Thanks in advance!