mysql password function

Anon

I'm getting an error everytime i try to select a password from a database using the password() function. heres what i have

$query = "SELECT * FROM user WHERE password = password('$pwd')";

since the passwords are stored using the password function, how can i retrieve them for authentication?

thanks - null

[deleted]

What is the error that you get?
MySQL's password function is irreversable, you cannot get it back. You can only encrypt the given password and compare the encrypted version with the one stored in the database.

gio2k

To insert in the DB:

$query = "insert into test(bla, password)
values($bla, PASSWORD('$password'))";

$query = "SELECT FROM test WHERE password = password('$password')";

You have to make sure the column password is at least char(16)

-Gio-

Anon

well mysql is telling me i have an invalid result, i don't understand why though. i'm using sessions, and before i pull to check the password and username, i check the username and password from the registered session values. The are there, but for some reason i cant get a result.

query/result::
$sql = "select * from user where username = '$uid' and password = password('$pwd')";
$result = mysql_query($sql);

the strange thing is that it will work in other scripts if i supply the username and password directtly.

gio2k

I think you should start debugging:

$sql = "select * from user where username = '$uid' and password = password('$pwd')";
$result = mysql_query($sql);

if(!$result)
{
echo $sql;
// You can echo the error also
}

Post the query result of the echo statement, to check if there is a problem with your session variables.

-Gio-

Anon

heres what it display's after i echo $sql :

select * from user where username = 'nully' and password = password('apples')

both values are correct. so i guess it isn't the sessions?

gio2k

Are you sure the column in which you store the password is at least char(16)?

-Gio-

[deleted]

WHat is the EXACT error message?

Anon

Its ::
Warning: Supplied argument is not a valid MySQL result resource in c:\inetpub\wwwroot\aidn\index.php on line 224

this is the only problem i'm having, it's a wee bit of a pain eh?

Anon

Yes. exactly.

webphp

What does your code look like that is executing your queries? From connection to query to output of results?
And what does line 224 say? Chances are that it is a function that is calling the db that you are supposed to have open, but for some reason, the db connection is no longer valid.

Anon

i've fixed the problem. i went through, started over that whole segment, threw it into another file and included it. I'm not sure what the problem was but its working now. Thx for the help fellas, you've all done a great deed =]

incase for some odd reason your curious, you can preview what you guys helped me with at http://aegis-interactive.net.

thanks again, i owe you all a big one =]