Buyocat Posted February 27, 2006 Share Posted February 27, 2006 Hi, I'm having the following problem that maybe one of you can help me with. When I query the database with PHP the result I get is FALSE. However when I go through SQLadmin it works. My code for works like this:$query = "SELECT user_id, username, password, first_name, last_name, email, verify, number_decks, study_interests FROM users WHERE username = 'Buyocat' AND password = MD5 ('password')";$result = @mysql_query ($query);if (is_bool($result)) print "Boolean" // this printsif ($result) {while ($data = mysql_fetch_array($result, MYSQL_NUM)) print $data[0];} // that doesn't printAs may be apparent this is a log in script. Insert scripts before this do work using the same machinery. If anyone has any idea what the problem might be I would really appreciate the help. Quote Link to comment https://forums.phpfreaks.com/topic/3700-mysql-query-failure/ Share on other sites More sharing options...
kenrbnsn Posted February 27, 2006 Share Posted February 27, 2006 Since you are debugging the code, remove the "@" which suppresses error messages and add an "or die" clause to see what the error is.[code]<?php$query = "SELECT user_id, username, password, first_name, last_name, email, verify, number_decks, study_interests FROM users WHERE username = 'Buyocat' AND password = MD5 ('password')";$result = mysql_query ($query) or die('Problem with query: ' . $query . '<br />' . mysql_error());if (is_bool($result)) print "Boolean" // this printsif ($result) {while ($data = mysql_fetch_array($result, MYSQL_NUM)) print $data[0];} // that doesn't print?>[/code]Ken Quote Link to comment https://forums.phpfreaks.com/topic/3700-mysql-query-failure/#findComment-12815 Share on other sites More sharing options...
Buyocat Posted February 27, 2006 Author Share Posted February 27, 2006 Thanks for the help ken here is what it says as the error, "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '('password')' at line 1". Now before this I had been printing out the Query string and copying it into the MySQL admin which would yield the correct result. MySQL admin still seems to find the query string ok, so I'm not totally sure how I can fix it... Well I found the error; it was the space between MD5 and the first (. So the working code looks like:... AND password = MD5('password')...At any rate, I just read that MD5 is no longer a safe encryption type, so I'm going to drop it altogether for encode or something else. Quote Link to comment https://forums.phpfreaks.com/topic/3700-mysql-query-failure/#findComment-12839 Share on other sites More sharing options...
wickning1 Posted February 27, 2006 Share Posted February 27, 2006 Using MD5 for encrypting passwords is just as safe as it always was. The only MD5 exploits involve creating two brand new strings that predictably have the same hash. It's still quite impossible to decrypt it. Quote Link to comment https://forums.phpfreaks.com/topic/3700-mysql-query-failure/#findComment-12878 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.