How to query a PASSWORD() encrypted field?

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
Travieso
Forum Newbie
Posts: 2
Joined: Wed Jun 11, 2003 12:09 am
Location: 19°24'N 99°12'W

How to query a PASSWORD() encrypted field?

Post by Travieso »

Hi I've spent 2 days trying to get my user authentication to work, and now I'm here ( Hello everybody from a newbie)
I can query my user table fine until I change the INSERT query to include PASSWORD('$password') function.
ie
$query = "insert into users (user_name, password ) values ('$name', password('$password'))";

So then my password is stored encrypted, and then my authentication query doesn't give true result. It returns false when data that is stored in the table is entered.
$query = "SELECT * FROM users
WHERE user_name='$user_name' AND password='$password'";

I'm now thinking something here needs to be changed for the query to give a true result against the encrypted field, but I can't find the info.
Does that make sense to anybody?
Thanks in advance
:)
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

change the where to ... AND password=password($password) so that you are comparing two encrypted passwords.
Travieso
Forum Newbie
Posts: 2
Joined: Wed Jun 11, 2003 12:09 am
Location: 19°24'N 99°12'W

Post by Travieso »

:D Thankyou Neilsene!:P Now why did'nt I think of trying that? :oops:

I can go and get stuck with something else now :wink:
Post Reply