gilk9 Posted August 16, 2009 Share Posted August 16, 2009 Hi, have had a mySQL database running on Godaddy shared linux host for 3 years without problem. Thought I would like to do some enhancement on it but not wanting to stuff up a working system I thought I would create another mySQL database to test the changes before committing them to go live. Problem is that the authentication on new DB does not work. Identical code except for the new database name and password. Using cookie session and password hashing. The connection obviously occurs because the login window appears, But when the username and password are entered, the query dies and I am returned to the login page. Since constructing the initial working database, Godaddy is now offering mySQL versions of 4.1.22 or version 5. The original DB which I dumped and imported into new DB is still in 4.0.27. I Know the password hashing algorithm has changed, and the field size has to be increased to 41 chrs to accommodate this. I can see everything in new DB OK in MySQLFront, and phpMyAdmin, just cant connect via firefox, ie or safari. Can anyone help me as to where I should look to fix this issue. TIA gilk9 Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/ Share on other sites More sharing options...
ignace Posted August 16, 2009 Share Posted August 16, 2009 Can anyone help me as to where I should look to fix this issue. Google. Or if you want us to take a look then post your code. Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899344 Share on other sites More sharing options...
gilk9 Posted August 16, 2009 Author Share Posted August 16, 2009 Can anyone help me as to where I should look to fix this issue. Google. Or if you want us to take a look then post your code. I have spent 20 hours on google looking for similar problems where a webhosters change of mySQL versions has broken previously usable code, to no avail. Hence my trip to the freaks! Herewith the relevant part of the code.... <?php session_start(); //check for required fields from the form if ((!$_POST[username]) || (!$_POST[password])) { header("Location: adminlogin.html"); exit; } //connect to server and select database $conn = mysql_connect("***", "***", "***") or die(mysql_error()); mysql_select_db("AAAdistanceed",$conn) or die(mysql_error()); //create and issue the query $sql = "select * from auth_users where student_type != 'x' AND username = '$_POST[username]' AND password = password ( '$_POST[password] ' ) "; $result = mysql_query($sql, $conn) or die(mysql_error()); if ($queryResult) { echo 'Success.'; } else { echo 'Query failed. Please try again.'; } it is at this point that the query fails!!! If it doesn't fail the code goes on to get values for the variables, set authorisation cookie and set session variables, etc etc. ending in ?> As stated before, this code works well on host using ver 4.0.27 mySQL, but doesnt work on host using ver 4.1.22 mySQL This is the only difference that I can see... so that is why I am hoping you experienced people can see what I cant. TIA gilk9 Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899369 Share on other sites More sharing options...
DEVILofDARKNESS Posted August 16, 2009 Share Posted August 16, 2009 If I remember you can't do != in a query but you have to right IS NOT, (I can be wrong, if you may not do && or || why would it be possible to do !=) P.S.: If I wanted to, I could break in, into your server because you just showed us, your username and password for the server!!! edit your post, Lucky for you I don't want to break in ;p Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899371 Share on other sites More sharing options...
wildteen88 Posted August 16, 2009 Share Posted August 16, 2009 If I remember you can't do != in a query but you have to right IS NOT, This is untrue. != is perfectly fine syntax. It means Not equal to. The same as it does in PHP. As you're now using MYSQL4.1.x, your existing passwords stored in your database will no longer work. This is because in MYSQL 4.1 the PASSWORD function now returns a 41 byte hash. Where as the PASSWORD function for MySQL4.0 returns a 16 byte hash. This is why your users can no longer login any more. To fix this you can use the OLD_PASSWORD function instead. Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899391 Share on other sites More sharing options...
DEVILofDARKNESS Posted August 16, 2009 Share Posted August 16, 2009 Sorry, I knew you couldn't do && and || so I thought you also couldn't do != I apologize Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899394 Share on other sites More sharing options...
ignace Posted August 16, 2009 Share Posted August 16, 2009 Sorry, I knew you couldn't do && and || so I thought you also couldn't do != I apologize Then you have read a different manual then I did: http://dev.mysql.com/doc/refman/5.0/en/non-typed-operators.html Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899462 Share on other sites More sharing options...
DEVILofDARKNESS Posted August 16, 2009 Share Posted August 16, 2009 Now I'm completely upset! If I remember it was someone from PhpFreaks that told me (when I was a noob that even didn't know how to do a normal loop) that you could never use && and ||, :'( Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899643 Share on other sites More sharing options...
gilk9 Posted August 17, 2009 Author Share Posted August 17, 2009 If I remember you can't do != in a query but you have to right IS NOT, (I can be wrong, if you may not do && or || why would it be possible to do !=) P.S.: If I wanted to, I could break in, into your server because you just showed us, your username and password for the server!!! edit your post, Lucky for you I don't want to break in ;p I wish you could break in with php code...because I cant note this is just a testbed for another site so go for it please, then show me the code. Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899696 Share on other sites More sharing options...
gilk9 Posted August 17, 2009 Author Share Posted August 17, 2009 If I remember you can't do != in a query but you have to right IS NOT, This is untrue. != is perfectly fine syntax. It means Not equal to. The same as it does in PHP. As you're now using MYSQL4.1.x, your existing passwords stored in your database will no longer work. This is because in MYSQL 4.1 the PASSWORD function now returns a 41 byte hash. Where as the PASSWORD function for MySQL4.0 returns a 16 byte hash. This is why your users can no longer login any more. To fix this you can use the OLD_PASSWORD function instead. I have already changed the field size to 41, I have already generated new passwords with phpMyadmin using the new hash algorithm Still the problem continues with the code shown Still I can view the database with MySQL-FRONT and phpMyAdmin But cannot access the database using the code that has always worked before. So what is different??? Quote Link to comment https://forums.phpfreaks.com/topic/170484-something-has-changed-on-godaddy/#findComment-899699 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.