md5 sql query

[StirCrazy]

Can anyone help with the correct syntax for the following query:-

  $r = my_query("select id,email from users where md5(email)=$email");
  list($toid,$email) = mysql_fetch_row($r);

Thanks in advance
S.C>

[craygo]

do the conversion first.

[code]<?php
$md5_email = md5($email);

$sql = "SELECT id, email FROM users WHERE email = '$md5_email'";
?>[/code]

Out of curiosity, why would you store an email address in an MD5 hash anyway. Impossible to change one in the db and you can't show it.

Ray

[StirCrazy]

Thanks for your comments craygo.

Can't work like ^^^ that.

the email address are stored normally in the database. I md5'd them when I displayed them in a form on the previous page where users can checkbox the required user they want to email. The purpose being that I don't want them to be visable when you 'view source'.

So now they're parsed already encrypted and now need to match up with the unencrypted data.

does that make any sense at all LOL.


S.C>

[StirCrazy]

been googling and can seem to find any reference to md5 being used in queries.

has anyone else ever seen it being used like this?

S.C>

[craygo]

Well what you have to do is query the database first to get a match on the e-mail address. once it matches, get the id of the row that is needed. then md5 hash it once it is found. Or just add one more field in the database with the e-mail addres hashed and problem solved. If you want to protect the e-mail address it will be worth doing and alot easier on your code.

1. create field type=varchar length=32

2. use this sql UPDATE tablename SET md5_email_field = md5(e-mail_field)

Now you have it set

Let me know if you need more help

Ray