[Resolved] md5

Velausanakha

I've been thru some of the past posts on md5 and the few I looked at

weren't helpful

when I try to insert a md5'd password into my database, I get this

message


Warning: SQL error: [Microsoft][ODBC Microsoft Access Driver] Syntax 

error (missing operator) in query expression 

'971ef6d73b20a633967633686c8e124a'., SQL state 37000 in SQLExecDirect 

in path/fileame.php on line 119

why?

I tried finding some examples too for the missing operator but none

could be found. Not even the phpdocs helped

Mordecai

Looks like your query may have an error in it. Paste the line that gives you the error, it will surely help.

Velausanakha

$encrypted =  md5($_POST[Password]);

$SQL_Exec_String = "Insert Into Person ( PersonID, Title, FamilyName, GivenName, PreferredName, Password, DateOfBirth, Mobile, DateExpired, FirstJoined) Values ( $PersonID, '$_POST[Title]', '$_POST[Surname]', '$_POST[FirstName]', '$_POST[Preferred]', $encrypted,'$_POST[BirthDate]', '$_POST[Mobile]', date()+(365*5) , date())";

basically the query that's going awry, before I had the md5 in there I had it like all the others and it worked perfectly

Mordecai

Just as I'd expected. You've got no quotes around the MD5 string. Try: '$encrypted' rather than just $encrypted.

Also, there are about 10 other errors in that one line alone. You have: $_POST[Title]--doubtfully you have the constant TITLE, you want 'Title' instead. Might also be beneficial for you to turn your error reporting up, that line should go haywire.

Velausanakha

worked perfectly

i could've sworn I tried that - oh I know now why, I did it on the variable $encrypted, not in there and I saw it wasn't on personID but thats a numeral

you've confused the hell out of me about Title and the other errors though

care to elaborate?

Mordecai

$_POST[Title] is not correct because 'Title' is a string. Right now, it's checking for the constant named TITLE, which I doubt you've set (define()). Since the constant does not exist, it will try 'Title', which does exist. It also outputs a warning, which you have supressed with your error reporting level. Put this at the top of the file: error_reporting(E_ALL);

Hope that clears it up a bit.

Velausanakha

so it should be $_POST['Title'] then?

cos I have '$_POST[Title]' if thats what ur referring to - its in single quotes