SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Enthusiast
    Join Date
    Jan 2010
    Posts
    51
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    check mysql for password

    im creating a login page.

    using the following code works
    PHP Code:
    $username $_POST['username'];
    $password $_POST['password'];

    $SQL "SELECT * FROM members WHERE username = '$username'"
    but this does not
    PHP Code:
    $username $_POST['username'];
    $password $_POST['password'];

    $SQL "SELECT * FROM members WHERE username = '$username' AND password = '$password'"
    what am i doing wrong?

  2. #2
    SitePoint Wizard silver trophybronze trophy Cups's Avatar
    Join Date
    Oct 2006
    Location
    France, deep rural.
    Posts
    6,869
    Mentioned
    17 Post(s)
    Tagged
    1 Thread(s)
    If you are inspecting inherited code, maybe passwords are encrypted in your database? Take a close look at the output of the sql statement via your database management tool.
    Code:
    DESCRIBE members;
    If passwords are 8 chars in length, but DESCRIBE tells you it is 40 characters then it is likely that as passwords are added they are encrypted with SHA1() or something like that.

    OR try this:
    Code:
    select password from members where username = 'ENTER A VALID USERNAME HERE'
    If passwords are not encrypted, then they really should be.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •