Password in mysql SQL

loic

Hey,

Here is my tiny probleme, i've got a database table that contains users' informations as name, firstname, date of birth and password. I don't want the password to be stored clear in the database so i used the "password" type in my password row in mysql.

But now when i try to check password with that simple SQL sentence :

SELECT users.name FROM users WHERE ((users.name='$name')and(users.password='$password'))

This is not working of course cos my $password variable contains the user's password clear so it doesn't match with the encrypted password in the database 🙁

Any help will be appriciate.
Thx

Blob

? I don't quite understand...

You should always encrypt passwords, and never decrypt them.

So when they register you encrpyt the pass with md5() and then put it in the db.

When they login (or whatever you're doing)...

SELECT users.name FROM users WHERE ((users.name='$name')and(users.password='md5($password')))

Something like that.