UBB.Developers Forums Community Development Programming MySQL and Server Configuration MySQL encrypted passwd that PHP can see

I have a simple PHP login script that checks username and password in a table called 'user' in a database called 'secret'.

The PHP script is checking as such:
$db = mysql_connect("localhost", "myuser", "mypassword");
mysql_select_db("secret")
SELECT id from user WHERE username = '$user' AND password = MD5('$pass');

$user and $pass are simply the value from the login. THe above SQL query is presenting a empty set for #user and $pass, but does return the id.

So my questions is, how do I add a MD5 password to the password field ( $pass ) for the $user ?

I've tried: SELECT MD5('mypasswordhere'); and this does spit out a MD5 encrypted password for 'mypasswordhere' but how do I get it in the password field?

michael

[]how do I add a MD5 password to the password field ( $pass ) for the $user ?[/]

I don't understand this question.

what would be the syntax to compare the MD5 encrypted password in the database against a mysql_fetch_row statemnt query such that is it existed would do x.

michael

Do you mean that you want to fetch the MD5-encrypted password from the database, and then compare it to something else, using PHP?

Maybe it would help if you write some pseudo-code, and then I can translate it to valid PHP or SQL.

I think what you need to do is to md5 the password with php and just store it in the field. This way you will have a simple comparison of two values.

So if you have a text box which is of type password (displays little stars) you grab that value and you do:

$encrypted = md5($pass);

and then

SELECT id from user WHERE username = '$user' AND password = '$encrypted';

This should do what you want. Alternatively if I am totally wrong on understanding what you need (no big surprise there ) please let us know what you were thinking with a bit more detail.