(11-01-2016, 01:23 PM)PaulD Wrote: Hi,
What you are asking is very difficult to debug as the error could potentially lay in any number of places.
Doing a secure register, confirmation email, login script is (apart from actually taking online payments) possibly one of the most difficult things to achieve, so if you are experiencing issues, rest assured, we have all experienced them.
I recently used peopleperhour.com and was mightily impressed with how they had streamlined the entire registration and login process. Be aware that site like this are really raising the bar for what users expect in terms of a login and authentication procedure.
In a recent site I built (which I was quite pleased with) the user simply entered their email address and a password was emailed to them. The first time they logged in, they got a welcome screen with an immediate "set your own password" demand before being given access. I do not know a simpler way to do this (apart from peopleforhour whose link logged you in immediately and then you got an email about setting a password, which for them was most certainly the right way to do it).
Using MD5 for encryption is not recommended, especially for passwords etc.
There are some fabulous libraries available, such as ionauth, but that is not the only one, but using a library for these functions is highly recommended. They often take into account factors we easily overlook, and even if doing an auth system for yourself is great experience, it is unlikely we are ever going to be expert or knowledgeable enough about security considerations to ever produce anything that will equal what these libraries offer, especially given their age, history, development and best practices they implement. So whatever the learning curve is in choosing and then getting to know the library you select, it is probably best to spend the time getting to know them and to work within them, rather than crafting you own from scratch, even as tempting as that idea might at first appear.
Just my two penneth, I am sorry I cannot add anything to the problem you have outlined here.
Best wishes,
Paul.
Already remove the md5 right now. It's make me confused, code is fix when i remove the md5, damn it.
