How to make case sensitive log in with my code?

Question

Why my login code not case sensitive?, How can I do?

My table "member"

 _________________________
|__username__|__password__| 
|____mango___|___123456___|

I try to login with

1. username = mango and password = 123456 , it's echo "true"
2. username = MANGO and password = 123456 , it's echo "true"
3. username = Mango and password = 123456 , it's echo "true"

Why my login code not case sensitive ?, how can i do ?

<?PHP
    include("connect.php");
    $strUsername = trim($_POST["usename"]);
    $strPassword = trim($_POST["password"]);

    $sql = "SELECT * FROM member WHERE username = '".mysql_real_escape_string($strUsername)."' 
            and password = '".mysql_real_escape_string($strPassword)."' ";
    $result=mysql_query($sql);
    $row=mysql_fetch_array($result);
    $count=mysql_num_rows($result);
    if($count==1)
       {
           echo "true";
       }  
    else
       {
           echo "false";
       }        
?>

A little-searching should have brought [this](http://stackoverflow.com/a/7857705/2513523) up — AyB, Jan 27 '14 at 09:55
You are using [an unsuitable hashing algorithm](http://php.net/manual/en/faq.passwords.php) (i.e. none!) and need to [take better care](https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet) of your users' passwords. — Quentin, Jan 27 '14 at 09:57

Nick · Answer 1 · 2014-01-27T10:03:24.597

Use binary:

$sql = "SELECT * FROM `member` WHERE BINARY `username` = '".mysql_real_escape_string($strUsername)."' 
        AND BINARY `password` = '".mysql_real_escape_string($strPassword)."' ";

There are also a few other improvements you could make to your code.

You aren't using any hashing for your password - read this
You are using deprecated mysql_* functions which PHP are trying to phase out. There are good alternatives out there, this article gives a good explanation which should help you choose which alternative would be best for you.

How to make case sensitive log in with my code?

1 Answers1