Here's a question for you.
I'm trying to store encrypted passwords in a database. I do this
//From ADMIN page
$client_pw = trim($client_pw);
$sql = " INSERT INTO CLIENTS (client_id, client_pw, client_school, client_expdate, client_fullname)
VALUES ('".$client_id."', '".md5($client_pw)."', '".$client_school."', '".$client_expdate."', '".$client_fullname."') ;";
Resulting HASH in the DB: 3f8b243aa755cfd9
And retrieve the entered password to vailidate in this manner:
//From login page
$uname = $_POST['uname'];
$pword = $_POST['pword'];
$pword = trim($pword);
$pword = md5($pword);
$sql = "select * from CLIENTS where client_id = '" . trim($uname).
"' and client_pw = '".$pword."'";
HASH it tries to compare this: 3f8b243aa755cfd963741b71885955f2
to the DB entry: 3f8b243aa755cfd9
I've searched several places online and can't seem to get why there is no match. Yes I did type the same password. Most documentation on this implies that I am doing this correctly. It seems like a no-brainer. Am I missing anything?