|
Posted by Noodle on 07/25/06 08:16
chsadaki@hotmail.com wrote:
> Hello
> I have a problem in retrieving a row form a table that I created in
> mysql db.
> I insert these values in the table
> 'Bell',password('123').
> But the problem is in my php application I cant retrieve this row
> because the password that I pass dosn't match the password value in the
> table.
> this is the code that I wrote in my php application
>
> $user = $_POST[username];
> $pass = $_POST[password];
> $q = mysql_query("SELECT * FROM admin WHERE username = '$user' and
> password =PASSWORD('$pass')");
>
> if(mysql_num_rows($q)==0){
> echo "Acces denied. User not allowed to connect.";
> mysql_close();
> }
> else
> {
> echo
> "<script>window.location.replace('administrator2.php')</script>";
> }
>
> so if any body has an idea about this problem please tell me about it.
> thanx in advance
> Shameram Sadaki
The Password Function in MySQL is only meant for the MySQL user table.
Quote from MySQL docs: "The PASSWORD() function is used by the
authentication system in MySQL Server; you should not use it in your
own applications" See
http://dev.mysql.com/doc/refman/5.0/en/encryption-functions.html#function_password
You had the right idea, though. I use SHA(), and store the password in
a column with a CHAR(40) datatype.
Navigation:
[Reply to this message]
|