mmarkym Posted August 30, 2021 Share Posted August 30, 2021 I'm using sha1 in my INSERT statement on the password field which works fine. It stores a string into a 40 character encryption in the DB. $str = "INSERT INTO users (fname, lname, date, street, city, state, zip, email, phone, username, password) VALUES ('$fname', '$lname', '$date', '$street', '$city', '$state', '$zip', '$email', '$phone', '$username', sha1('$password'))"; The problem is with the SELECT statement that retrieves the password field. The query does not work using sha1 on INSERT then SELECT but does work with the password field used alone. $query = "SELECT * FROM users WHERE username = '$user' AND password = sha1('$password')"; Quote Link to comment Share on other sites More sharing options...
Barand Posted August 30, 2021 Share Posted August 30, 2021 Should work... mysql> create table users(username varchar(20), password varchar(40)); Query OK, 0 rows affected (0.38 sec) mysql> insert into users(username, password) values('fred', sha1('secret')); Query OK, 1 row affected (0.07 sec) mysql> select * from users where username='fred' and password=sha1('secret'); +----------+------------------------------------------+ | username | password | +----------+------------------------------------------+ | fred | e5e9fa1ba31ecd1ae84f75caaa474f3a663f05f4 | +----------+------------------------------------------+ 1 row in set (0.00 sec) BTW, I would recommend you used prepared statements. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.