On 8 Sep, 18:46, Jerry Stuckle <jstuck...@attglobal.netwrote:
Jensen Somers wrote:
Jerry Stuckle wrote:
karlar...@gmail.com wrote:
Hello again.
I have tried to use password() in my login-script but it did not work..
>My code is:
>$sql = "SELECT * FROM users";
$sql .= " WHERE username ='" .
mysql_real_escape_string($_POST['username']) . "' ";
$sql .= " AND pwd = (PASSWORD( ' " . $_POST['pwd'] . " ' )) ";
>What is wrong in this?
And how should I write it?
>Thanks for all help!
>Karl
Karl,
A bigger question is - why are you storing web users in the MySQL user
table? *That should be only for MySQL users - and your website users
should never have MySQL user id's.
Who said he is using the MySQL users table? It's not because his users
table is also called users he is mixing it with the MySQL users table.
Yes, that's true. *However, additionally, if he would have asked in the
correct newsgroup (PASSWORD is not a PHP function), he would have found
he shouldn't be using PASSWORD for encrypting user passwords.
I use md5 and sha1 instead of password(); Now I have the result I was
looking for:)
Now I have to find out how I can do the input sensitive!
I have to control that uppercase and lowercase are exactly written
into the field as it is stored in the database!
Thanks for all help and advice!
Karl