Support Forums

Hello guys, i got a problem with a script a friend made, what it does is convert values, but you must confirm your ID and PASSWORD, the problem is that the dbo.member table in the database saves password in char(50) format. It means, by default, all passwords are saved with spaces trailing after it in order to make it 50 bytes long. These pages do not add spaces on the submitted password, so even if the password submitted is correct, they are not accepted because it does not have those spaces, and the match fails.

I've been trying to fix it with all sorts of codes, but PHP doesn't seem to like me. Any suggestions?

Quote: // Get username and password POSTed by input page
if (isset($_POST['gameid'])) { $userName = $_POST['gameid']; }
else { die('Empty fields.'); }

if (isset($_POST['password'])) { $userPass = $_POST['password']; }
else { die('Empty fields.'); }

$s = 50 - strlen($userPass);

// Code here? $s is the number spaces to add.

if (isset($_POST['cashamt'])) { $convAmt = $_POST['cashamt']; }
else { die('Empty fields.'); }

Why don't you just convert CHAR(50) to VARCHAR(50)?

I'm pretty sure that if you backed up the database, changed your CREATE sql TABLE(){ } to have VARCHAR instead of CHAR, and then Ctrl+f & replaced your way to glory, you could convert all the user-names and passwords to VARCHAR format.

Yes use VARCHAR(50) instead and problem solved.

tried with that, but is still saying me incorrect password =/

Have you tried trim() yet? This trims leading and trailing spaces from input.

$psw = trim($_REQUEST['password']);

Solved, close thread plz