Miles, You must MD5 the value outside of mysql for it to evaluate it, from the error I just got. i have tried $passhash = MD5($username.$password); $arg = "select password, 1 as auth from acl where (username='andrewd' and password=($passhash))";
And get the following error... select password, 1 as auth from acl where (username='andrewd' and password=(c59d088cd3d873af5239cfac1234f370))1054 : Unknown column 'c59d088cd3d873af5239cfac1234f370' in 'where clause' So at least the MD5 is now evaluated. But there is still and error in there. Andrew -----Original Message----- From: Miles Thompson [mailto:[EMAIL PROTECTED]] Sent: Friday, 11 January 2002 3:29 AM To: Necro; [EMAIL PROTECTED] Subject: RE: [PHP-DB] MySQL Result Resource LIGHT just came on!!! Why does ittake so long. MD5(andrew.madonna) - I think you're goint to have to do this $passhash = $username . $password and use MD5($passhash). MySQL is looking for a table "andrewd" with the field "madonna" in the way the MD5() is presently structured. Go to it - Miles At 03:09 AM 1/11/2002 +1100, Necro wrote: >Yep, > >andrewd is the username im trying to get this script to work with, its an >authentication script.. > >The result of echo $arg is the following: > >select password, 1 as auth from acl where username='andrewd' and >password=MD5(andrewd.madonna)1109 : Unknown table 'andrewd' in where clause > >Andrew > >-----Original Message----- >From: Miles Thompson [mailto:[EMAIL PROTECTED]] >Sent: Friday, 11 January 2002 3:08 AM >To: Necro; [EMAIL PROTECTED] >Subject: RE: [PHP-DB] MySQL Result Resource > > >Can you try this puppy at the MySQL console? I'd dearly love to know where >"andrewd" is coming from, it sounds like your username. > >Before executing mysql_query(), echo $arg and see what it prints. > >This is strange, but better than what we had - Miles Thompson > >At 02:54 AM 1/11/2002 +1100, Necro wrote: > >Ok, > >I have tried a few things now. I finally got it to echo the errors, firstly > >there was still a prob with MD5 values being in the apostrophes. > >Then next error was no db was selected. So i added a mysql_select_db > >statement. > >Now i get this: > > > >1109 : Unknown table 'andrewd' in where clause > > > >andrewd being the username I am trying to get it to accept. > > > >Following lines are the current bit: > > $arg = "select password, 1 as auth from acl where > > username='$username' and > >password=MD5($username.$password)"; > > $result = mysql_query( $arg ) or die(mysql_errno()." : ". > > mysql_error() ); > > $row = mysql_fetch_array($result); > > > >Andrew > > > >-----Original Message----- > >From: Miles Thompson [mailto:[EMAIL PROTECTED]] > >Sent: Friday, 11 January 2002 2:36 AM > >To: [EMAIL PROTECTED] > >Subject: RE: [PHP-DB] MySQL Result Resource > > > > > >Break up the code. > > > >I assume you are connecting to the database with mysql_connect() or > >mysql_pconnect(). If not, do that. > > > >Echo your query so that you know it contains valid values. > > > >Break $row = mysql_fetch_array(mysql_db_query( DATABASE, $arg )); > >into > >$result = mysql_query( $arg ) or die(mysql_errno()." : ". mysql_error() ); > >$row = mysql_fetch_array($result) ) > >then do whatever processing you need with the array $row. > > > >Miles > > > >PS Just reply to the list, if you reply directly to me I have one more > >message to delete. <g> /mt > > > >At 02:10 AM 1/11/2002 +1100, Necro wrote: > > >Yeh, I notice now the MD5 was wrong. > > > > > >But I still get the same error on line 104. If I try and replace it with > >the > > >current query function then I get two errors. > > > > > >e.g. > > >Warning: Supplied argument is not a valid MySQL-Link resource in > > >d:\htdocs\infekt\packages\auth.inc on line 104 > > > > > >Warning: Supplied argument is not a valid MySQL result resource in > > >d:\htdocs\infekt\packages\auth.inc on line 104 > > > > > >Andrew > > > > > > > > >-----Original Message----- > > >From: Miles Thompson [mailto:[EMAIL PROTECTED]] > > >Sent: Friday, 11 January 2002 2:05 AM > > >To: Necro; [EMAIL PROTECTED] > > >Subject: Re: [PHP-DB] MySQL Result Resource > > > > > > > > > > > >The use of the MD5 function in the query doesn't look quite right. > > >Shouldn't it be MD5('$password') or MD5('$username'.'$password') if > > >concatenating? > > > > > >Also, mysql_db_query() has been a deprecated function for some time now, > > >mysql_query() is recommended. > > > > > >Hope this gets you going - Miles Thompson > > > > > >At 01:33 AM 1/11/2002 +1100, Necro wrote: > > > >Lo all, > > > > > > > >Slight problem on an auth script... > > > > > > > > > > > >Warning: Supplied argument is not a valid MySQL result resource in > > > >d:\htdocs\infekt\packages\auth.inc on line 104 > > > > > > > > > > > >Line 26: define( "DATABASE", "imanager" ); > > > >Line 103: $arg = "select password, 1 as auth from acl where > > > >username='$username' and password=MD5('$username','$password')"; > > > >Line 104: $row = mysql_fetch_array(mysql_db_query( DATABASE, $arg )); > > > > > > > > > > > >Can anyone help get this to work?? > > > > > > > >Thankyou. > > > > > > > >Andrew > > > > > > > > > > > >-- > > > >PHP Database Mailing List (http://www.php.net/) > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > >For additional commands, e-mail: [EMAIL PROTECTED] > > > >To contact the list administrators, e-mail: >[EMAIL PROTECTED] > > > > > >-- > >PHP Database Mailing List (http://www.php.net/) > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > >To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > > >-- > >PHP Database Mailing List (http://www.php.net/) > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > >To contact the list administrators, e-mail: [EMAIL PROTECTED] > > >-- >PHP Database Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
