So the passwords were stored in clear text. I got the passwords hashed using md5. I even got the code working to insert into the database.
Now, I can't login. Here's what the old code looked like:
$SelUserQry = "SELECT email, password, id, codematched, promo_code FROM users WHERE email='".mysql_real_escape_string($_POST['email'])."' AND password='".mysql_real_escape_string($_POST['password'])."'";
I've tried everything I can think of an can't get it to work. I've put the md5 in front of the $Post, in front of the escape, even tried just deleting the escape to see if I could get it to work, but no luck.
Can anyone help me figure this out?