I am creating a user registration and login forms.
During the user registration form I insert a record into my users table and encode my password with this method here is a snipet of my code:
$query = "INSERT INTO users (userID,userName, password, userType, irstName, lastName, phone, fax, email, website, gridArea, company, addedServices, specialty) VALUES (NULL, '$userid', password('$userpassword'), '$userType', .......
The password field in MySQL database is a VarChar(10)
in my login form i will verify the user info and once again here is the snippet:
$query = "SELECT userType FROM $user_tablename WHERE userName = '$userid' AND password = password('$userpassword')";
THIS DOES NOT WORK, it does not seem to match the passwords. I have tried inserting an echo statement ensuring that the password passed by the variable is correct, I have echoed the whole query statement and it looks good.
I have tried inserting a user record without using the password method and then searching without of course using the password method and that seems to work. It is when I use the password method I am getting issues.
Could it my field size too small? or the wrong type?