- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: PHP & MySQL related query
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-12-2005 05:43 PM
тАО09-12-2005 05:43 PM
Not sure I'm putting my query inside proper category.This is related to password() function of MySQL and md5() function of PHP. I'm wondering that the result (encryption) produced by both command options is same or different. I want to make login procedure secure into my webpage, and using password() option to encrypt passwords into mysql databse. also I MD5ed the password entered by user at login.php by md5() option. but when I'm making a match expression (if password of php == password of database), i found i'm not able to login, which means both are not matching. It works fine if I enter text password in database and accept plain-text password from login.php. It shows that the encryption made by both commands are different, that's why the match exp. not resulting true.
Also, I'm getting an error display "cannot jump to row 0..." on login page. I know it is because of mysql_result() function, but I don't want it to be displayed on my login page.
I'm attaching the simple login.php script for your review.
thanks in advance
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-13-2005 12:11 AM
тАО09-13-2005 12:11 AM
Re: PHP & MySQL related query
Why do you use password function in mysql?
The PASSWORD() function is used by the authentication system in MySQL Server, you should not use it in your own applications. For that purpose, use MD5() instead.
Regards,
Sergejs
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-13-2005 08:20 PM
тАО09-13-2005 08:20 PM
Re: PHP & MySQL related query
You either use PHP's md5 functions, and store the md5 string (as plain-text) in the MySQL database, or you just use MySQL's password() function.
One, or the other.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-14-2005 07:49 PM
тАО09-14-2005 07:49 PM
Re: PHP & MySQL related query
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-14-2005 08:10 PM
тАО09-14-2005 08:10 PM
Re: PHP & MySQL related query
Thanks for the help provided by you all, but I'm sorry I think I was not able to explain the problem to you properly. Let me do it again:
scenario is : I'm using Mysql database to store username, password and group into a table. password is encrypted inside the table by using passoword('actual password entered by user') function at the time of inserting data. Now, I want to use a php login page on my website to authenticate user matching mysql data. I'm using php's md5() function to encrypt password entered by user on login.php form, and then I'm matching it against mysql's password. I found they are not getting matched, I understood ( as SB explained) that it is because of different type of encryption by md5() & password().
Now, as SB suggested to use either password() or md5(), I'm not able to understand if I use encryption on only one end ( either in database or in login.php form), how could they match and return true? please guide me to understand this...
thanks in advance, and please also let me know the solution for the error display as explained in first post.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-14-2005 08:18 PM
тАО09-14-2005 08:18 PM
Re: PHP & MySQL related query
To accomplish this, update users with the following SQL:
mysql> USE mysql;
mysql> UPDATE mysql.user SET Password = OLD_PASSWORD('newPassword') WHERE Host = 'someHost' AND User = 'someUser';
mysql> FLUSH PRIVILEGES;
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-14-2005 08:18 PM
тАО09-14-2005 08:18 PM
Solutioninsert into usertable (user, group, password) values ('userone', 'group1', password('actualpasswordenteredbyuser'));
Pretty standard, you'll have
Login.php:
select user, group, password from usertable where user = 'userone' and password = password('passwordfromlogin.php');
Basically, you get MySQL to do the password matching. If you get a record back, then you've successfully entered the password. If you don't get any records back, then they made a boo-boo.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-20-2005 10:58 PM
тАО09-20-2005 10:58 PM
Re: PHP & MySQL related query
In the /etc/httpd/conf.d/auth_mysql.conf there are a few comment lines how to manage your issue. Look in that file and find your answers.
Hope that helps,
Renarios
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-18-2005 06:41 PM
тАО10-18-2005 06:41 PM
Re: PHP & MySQL related query
I presume that you are having a problem getting the password into the database in a valid format in the first place. Why not, when you insert the userid/password into the database, use the MD5 function in MYSQL?
eg. INSERT into table SET password=MD5('string');
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-03-2006 06:05 PM
тАО01-03-2006 06:05 PM