I'm getting an error everytime i try to select a password from a database using the password() function. heres what i have

$query = "SELECT * FROM user WHERE password = password('$pwd')";

since the passwords are stored using the password function, how can i retrieve them for authentication?

thanks - null

    • [deleted]

    1. What is the error that you get?

    2. MySQL's password function is irreversable, you cannot get it back. You can only encrypt the given password and compare the encrypted version with the one stored in the database.

      To insert in the DB:

      $query = "insert into test(bla, password)
      values($bla, PASSWORD('$password'))";

      $query = "SELECT FROM test WHERE password = password('$password')";

      You have to make sure the column password is at least char(16)

      -Gio-

        well mysql is telling me i have an invalid result, i don't understand why though. i'm using sessions, and before i pull to check the password and username, i check the username and password from the registered session values. The are there, but for some reason i cant get a result.

        query/result::
        $sql = "select * from user where username = '$uid' and password = password('$pwd')";
        $result = mysql_query($sql);

        the strange thing is that it will work in other scripts if i supply the username and password directtly.

          I think you should start debugging:

          $sql = "select * from user where username = '$uid' and password = password('$pwd')";
          $result = mysql_query($sql);

          if(!$result)
          {
          echo $sql;
          // You can echo the error also
          }

          Post the query result of the echo statement, to check if there is a problem with your session variables.

          -Gio-

            heres what it display's after i echo $sql :

            select * from user where username = 'nully' and password = password('apples')

            both values are correct. so i guess it isn't the sessions?

              Are you sure the column in which you store the password is at least char(16)?

              -Gio-

                • [deleted]

                WHat is the EXACT error message?

                  Its ::
                  Warning: Supplied argument is not a valid MySQL result resource in c:\inetpub\wwwroot\aidn\index.php on line 224

                  this is the only problem i'm having, it's a wee bit of a pain eh?

                    What does your code look like that is executing your queries? From connection to query to output of results?
                    And what does line 224 say? Chances are that it is a function that is calling the db that you are supposed to have open, but for some reason, the db connection is no longer valid.

                      i've fixed the problem. i went through, started over that whole segment, threw it into another file and included it. I'm not sure what the problem was but its working now. Thx for the help fellas, you've all done a great deed =]

                      incase for some odd reason your curious, you can preview what you guys helped me with at http://aegis-interactive.net.

                      thanks again, i owe you all a big one =]

                        Write a Reply...