SitePoint Sponsor |
|
User Tag List
Results 1 to 3 of 3
-
Mar 4, 2005, 03:41 #1
- Join Date
- Jan 2005
- Location
- France
- Posts
- 59
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
using password(); then checking password. ?
Hi folks,
I'm trying to write authentication for sections of my site. I'm using Kevin's tutorial to help me understand. Thanks Kevin
http://www.sitepoint.com/article/use...sessions-mysql
I'm very new to all things mysql and php, so don't beat me to hard
I'm using MYSQL 4.1.10-nt on WinXP... for the time being
I have a problem with the password feild. So I have crashed out of php and I'm doing this on the command line in mysql. Same problemhere is what I do.
I have a table called user
mysql> insert into user set
->userid = 'xxxx',
->password = password('xxxx');
I then
mysql> select * from user;
which returns
id userid password
1 xxxx *1556A6F665359CE3
OK - I think I'm looking good. I have added a user with a password using the password function to encrypt.
Now I want to test for userid and password for authentication.
mysql> select * from user where
-> password = password('xxxx');
This returns an empty set
I think it's my 'where' statement that is the problem, but I cant find out why.
Pretty stuck here folks; Any help would be appreciated
Thanks.
ps - I love this place
-
Mar 4, 2005, 05:15 #2
- Join Date
- Jan 2002
- Location
- Australia
- Posts
- 2,634
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Sorry I can't see anything wrong with your syntax. I tried redoing most of what you have done and it worked fine (though I didn't match the table structure exactly it was close).
**EDIT - I see you already answered this***
So if you just go select * from user you can see the record in the table ?
What if you try select * from user where userid='xxxx' ?
I now think the problem might be that you made a mistake typing the original insert query.
When I insert password('xxxx'); the hashed result is 5a62d73531da5605 which doesn't match what you have.
-
Mar 4, 2005, 07:08 #3
- Join Date
- Jan 2005
- Location
- France
- Posts
- 59
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by cranial-bore
I got it.
When setting up the database i created the password column like this...
password char(16) not null.
When I ran my query, the return value was 41 digits long, but the password in the db was clipped to 16. So I changed to
password char(41) not null.
That works
I think 41 digits maybe a bit overlkill for what I'm trying to do, so to save some database space I think I will try to work out how to clip the userinput hashed value to 16.
Thanks alot and g'day
Bookmarks