Error checking user/pass with MySQL

bryank

I have a simple (so I thought) authentication where I look up the user/pass combo in MySQL and even though I am sure I entered the username and password exactly how they are in the database I do not get by the authentication. Here is my code:

$db = mysql_connect("localhost","user","pass");

if (!$db)
{
	echo "No connection.";
	exit;
}

mysql_select_db("database");

$query = "select count(*) from user where username = '$username' and password = password('$password')";

$result = mysql_query($query);

if (!$result)
{
	echo "Cannot run query.";
	exit;
}

$count = mysql_result ($result,0,0);

if (!$count > 0)
{
	echo "It appears that user/pass combo is not valid.";
	exit;
}

The password is encryped in MySQL so I used password($password) and I continually get the "It appears that user/pass combo is not valid." error?

bogu

I suposed that your password() is a function witch enctrypt your password with md5() try echo what your function returns and see if your password in mysql looks the same, or change your query like this:

$query = "select count(*) from user where username = '$username' and password = ".password($password);

Or you could echo your query to see if its OK.