I am using a sha1 hash to encrypt passwords in my application.
All is fine until someone tries to log in. For whatever reason, it won't let anyone in even if they are typing the correct password. What am I doing wrong? Any suggestions?
$member_password= mysql_real_escape_string(addcslashes(sha1($_POST[password]), "%_"));
$password = mysql_real_escape_string(sha1($_POST['password']));
It happens on both sides of the equation- on the admin side and the member side.
from the login page:
I changed the password to something else in phpmyadmin and was able to log in just fine, so it has to be somewhere in this process.