|
|||||||||
|
|||||||||
| |||||||||
|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| ||||||||||||||||||||||||||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
Codewalkers Forums Sponsor:
|
|
|
|
#1
October 7th, 2002, 03:51 AM
|
|||
|
|||
|
password problems
Thank you for reviewing my question.
For some reason the query will fail if password('$password') is in it. Can anyone tell me what's going on? I am using php/mysql function login($username, $password) //check username and password with db //if yes return true //if no return false // { //connect to db $conn = db_connect(); if (!$conn) return 0; //check if username is unique $result = mysql_query("select * from user where username = '$username' AND passwd = password('$password')"); if (!$result) return 0; if (mysql_num_rows($result)>0) return 1; else return 0; }
|
|
#3
October 7th, 2002, 11:02 PM
|
|||
|
|||
|
RE: password problems
I have had exactly the same problem as you. My code came out of a book "PHP and MySQL Web Development".
I am a complete ignoramus as you will see but with help from anon above, I've managed to make it work. What I don't know is whether the changes I've made will have security problems down the track. Someone can say if there might be a problem. Anyway, here is the code and it works: // check if username is unique $result = mysql_query("select * from admin where username ='$username' and password = '$password'"); I took out the ('$password') bit. Hope this helps, let me know if I have done something bad. Carol
|
|
#4
October 7th, 2002, 11:40 PM
|
|||
|
|||
|
RE: password problems
I get a resource id #2 as the result
|
|
#5
October 8th, 2002, 12:43 AM
|
|||
|
|||
|
RE: password problems
Carol,
taking out the password bit is bad...anyone that can see your database can see all your passwords... lifeafter76, Make this: $result = mysql_query("select * from user where username = '$username' AND passwd = password('$password')"); this: $query = "select * from user where username = '$username' AND passwd = password('$password')"; echo $query; $result = mysql_query($query); Then you can see what is being sent to the database. Then, try and run that query against the database yourself without PHP and see what error you get.
|
|
#6
October 8th, 2002, 02:07 AM
|
|||
|
|||
|
RE: password problems
It works! Thank you so much...so I take it that you should use mysql_query() on a variable as oppose to the actual query statement.
|
|
#7
October 8th, 2002, 03:52 AM
|
|||
|
|||
|
RE: password problems
I've tried your help anon and no go in terms of logging on. The select query prints out with the correct username and password showing.
Any more advice will be most welcome. Thanks, Carol
|
|
#9
October 8th, 2002, 08:59 PM
|
|||
|
|||
|
RE: password problems
I've never used PHPMyAdmin I must admit. In fact, I can't see how to use it. But I've run it through the MySQL Monitor as a normal sql query and it is perfect.
Thanks in anticipation.
|
|
| Viewing: Codewalkers Forums > Other Technologies > Database Help > password problems |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
|
|
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
