problem with script

hello i have the following script:

Code:

<?php
$host="localhost"; // Host name
$username="test"; // Mysql username
$password="test"; // Mysql password
$db_name="test"; // Database name
$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$amyusername=$_POST['amyusername'];
$encrypted_mypassword=md5($amypassword);

// To protect MySQL injection (more detail about MySQL injection)
 $amyusername = stripslashes($amyusername);
$encrypted_mypassword = stripslashes($encrypted_mypassword);
$amyusername = mysql_real_escape_string($amyusername);
$encrypted_mypassword = mysql_real_escape_string($encrypted_mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$amyusername' and password='$encrypted_mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $amyusername, $amypassword and redirect to file "login_success.php"
session_register("amyusername");
session_register("amypassword");
header("location:login_success.php");
}
else {
header("location:login_failed.php");
}
?>

in my homeserver (apache) it runs fine with no problems at all.
but in my vps (lighttpd) always goes to login_failed.php.
i can't understand what's the problem.
if i change "if($count==1)" to "if($count<1)" it will work with all the usernames.

what the hell?

 

before running the

Code:

$result=mysql_query($sql);

add this:

Code:

echo $sql; exit;

and run the output then in the phpMyAdmin sql box. Will it return just one row?

 

The output is one row.

 

and now run that query in phpmyadmin and check how many rows actually get selected.

 

not understood.. where to run it? in the "SQL" tab? if i run it there it says:

 

that means your query is not right. check if username and password are really like that in the db. I guess the password is wrong.

 

no it's ok.. it's working on localhost.

 

you said yourself that phpmyadmin returns no row with the echoed query. So the query is wrong and you'll have to find out why. So compare the values in the where clause to the one in the database.

 

i encypt my passwords with "md5encryption.com". i found that if i add "echo $sql; exit;" the hash is different :/ why? (the password I'm putting is 100% correct.

 

because the original mechanism used to encrypt the password and the one you use in that script above are not identical.

 

but it works in my local pc (apache).. anyway how can i encrypt it to be identical?