Jump to content

Recommended Posts

You wouldn't if it was for the 'email' clause in question and that 'email' password NOT blank... :)

How about helping the person who's asking the question with actual help to resolve his issue than just wanting to post a 'question' of no value - 'give creditable advise, if you have it, or...' SMILE

Edited by n1concepts

You wouldn't if it was for the 'email' clause in question and that 'email' password NOT blank... :)

How about helping the person who's asking the question with actual help to resolve his issue than just wanting to post a 'question' of no value - 'give creditable advise, if you have it, or...' SMILE

He WAS asking the OP, not you.

 

The OP is claiming that the query is returning results he feels are impossible. The question is how do you know it's returning results? The point being, the problem may be with your code that is making you think it returned something.

 

How about you don't tell other people what to post, and let the moderators deal with it if there's an actual problem. Our rules state this.

 

 

 

And since you're so keen on helping the OP, maybe you should re-read the post. Your query is even further from what he wants. You have not provided anything of value to this thread.

Edited by Jessica

Well I know it's returning an ID because I'm running this query in mysql directly. I am positive that the password of this user is not blank and still if I try to log in with a blank password field it logs in ( the query passes because it returns an ID which sets mysqli num_rows property to greater than 0 ). I tried this with other users and it returns wrong password ( doesn't return an ID ), just with this specific user the query passes without a password. This is really weird 

Edited by php_nub_qq

Do a select * on the user id. What is returned?

 

All columns appear

 

 

 

The password must be blank, otherwise it wouldn't work.

 

The password is asdasd

 

 

 

I can just delete this user but I'm really curious why this is happening and if it could happen again in future O.o

actually, do a SELECT * FROM `users` WHERE `email`='email@gmail.com' and post what you get as a result so that we can see it too (alter the posted email address if it is a real one), to help in finding out why what you are doing isn't working. posting your table definition and your actual code that is forming and running the query would help too.

 

you either have one or more rows with that email address in it and have a row with an empty password in it that the query is directly matching or you have a row with a password value containing characters in it that are being converted to a value so that it matches an empty string. it's also possible that both your actual code and the method you are using to run the query directly in mysql (you haven't shown your code or stated how you are directly running the query) is causing a conversion that matches a row (see the following thread where someone was matching all values in a column because of a character column being treated as/converted to a number for the comparison - http://forums.phpfreaks.com/topic/276881-mysqli-update-using-placeholders/ )

 

to help you to find the cause of the problem we need to know and have all the information, code, data, that you have about the the problem.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.