I have an error ("Password length must be between 6 and 32 characters long") set up so when users try to register with a password less than 6 characters, they get that error and are unable to sign up, but no matter how short the password, the error doesn't come up, it just continues with registration. Please help, thanks! Here is the code:
<?php
$submit = $_POST['submit'];
$name = strip_tags($_POST['fullnamefield']);
$email = strip_tags($_POST['regemailfield']);
$password = strip_tags($_POST['regpasswordfield']);
$repeatpassword = strip_tags($_POST['regpasswordconfirmfield']);
$date = date("Y-m-d");
if ($submit)
{
if ($name&&$email&&$password&&$repeatpassword)
{
$password = md5($password);
$repeatpassword = md5($repeatpassword);
if ($password==$repeatpassword)
{
if (strlen($name)>32||strlen($email)>1024)
{
echo "Length of name or email is too long. Please try again";
}
else
{
if (strlen($password)>32||strlen($password)<6)
{
echo "password must be between 6 and 25 character!";
}
}
}
else
echo "Your passwords do not match!";
}
else
echo "Please fill in all fields!";
}
?>
Check the length BEFORE you use md5()
This is because you Hash the Password in MD5 and that changes the $password variable to a 32 Characters String
When you send the password in the md5 function, that function actually creates a 32 character hexadecimal number (hash) and so your checking is useless.