[PHP] Re: password=password('$password') <----- ? help me... :P

Mon, 21 Jan 2002 07:24:59 -0800 

Try this:

 $query = "SELECT username,password FROM users WHERE
username=\"".$username."\"
                AND
                password=\"".password($password)."\"";

MySQL needs all string data wrapped in quotes.  Maybe the backslashes are a
bit confusing at first, but its worth taking the time to understand them.

Robert V. Zwink
http://www.zwink.net/daid.php


-----Original Message-----
From: LaserJetter [mailto:[EMAIL PROTECTED]]
Sent: Saturday, January 19, 2002 3:43 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Re: password=password('$password') <----- ? help me... :P


Forget that last post - sorry!!!

Instead of using password('$password') in the query string, I would insert a
line before connecting to the DB:

$newpass = password($password)    <-- dont need quotes round here

then

$query = "SELECT username,password FROM users WHERE username=$username AND
password=$newpass";

As $username and $newpass are already inside double quotes you dont need to
put them in again!!

LJ

"Hawk" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I've been trying to get this to work for a while, and everyone says that I
> should use the same thing, but it doesn't work, can anyone tell me what
I'm
> doing wrong?
> from the form on the previous page I have the $username and $password vars
>
> mysql_connect($host, $user, $pswd);
> mysql_select_db($db);
> $query = "SELECT username,password FROM users WHERE username='$username'
AND
> password=password('$password')";
> $result = mysql_query($query);
> $num = mysql_num_rows($result);
>
> the $query line is made up from what everyone has told me to write..
> I tried to add a list($usarname, $pessword) = mysql_fetch_row($result);
> and it returned "" .. but when I removed the "AND
> password=password('$password')" part the list showed the username and the
> password in encrypted form
> I don't know how this could help me in any way, but atleast it shows I
have
> an encrypted password, but the problem is that the line everyone uses
> doesn't work.. maybe I need to change some setting in mysql och php.ini or
> something? anyone have any idea?
> I know I've asked this several times but it doesn't seem like I'm
understood
> with my problem. Hope I will be now.
>
> Hawk
>
>
>



--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to