Well, strip the brackets from around the hash value. Miles At 03:41 AM 1/11/2002 +1100, Necro wrote: >On further investigation it appears to get the correct MD5 value the correct >synatx is: > >$passhash = MD5("$username.$password"); <<--- needs the " > >The the error resulting from this is: > >select password, 1 as auth from acl where (username='andrewd' and >password=(163e06103a371fd95b21b4a849bb4b91))1064 : You have an error in your >SQL syntax near 'a371fd95b21b4a849bb4b91))' at line 1 > >Does that help give any idea at all as to what the problem is? > >Andrew > >-----Original Message----- >From: Necro [mailto:[EMAIL PROTECTED]] >Sent: Friday, 11 January 2002 3:35 AM >To: [EMAIL PROTECTED] >Subject: RE: [PHP-DB] MySQL Result Resource > > >Miles, > >You must MD5 the value outside of mysql for it to evaluate it, from the >error I just got. >i have tried >$passhash = MD5($username.$password); >$arg = "select password, 1 as auth from acl where (username='andrewd' and >password=($passhash))"; > >And get the following error... >select password, 1 as auth from acl where (username='andrewd' and >password=(c59d088cd3d873af5239cfac1234f370))1054 : Unknown column >'c59d088cd3d873af5239cfac1234f370' in 'where clause' > >So at least the MD5 is now evaluated. But there is still and error in there. > >Andrew > > >-----Original Message----- >From: Miles Thompson [mailto:[EMAIL PROTECTED]] >Sent: Friday, 11 January 2002 3:29 AM >To: Necro; [EMAIL PROTECTED] >Subject: RE: [PHP-DB] MySQL Result Resource > > > >LIGHT just came on!!! Why does ittake so long. > >MD5(andrew.madonna) - I think you're goint to have to do this >$passhash = $username . $password > >and use MD5($passhash). > >MySQL is looking for a table "andrewd" with the field "madonna" in the way >the MD5() is presently structured. > >Go to it - Miles > >At 03:09 AM 1/11/2002 +1100, Necro wrote: > >Yep, > > > >andrewd is the username im trying to get this script to work with, its an > >authentication script.. > > > >The result of echo $arg is the following: > > > >select password, 1 as auth from acl where username='andrewd' and > >password=MD5(andrewd.madonna)1109 : Unknown table 'andrewd' in where clause > > > >Andrew > > > >-----Original Message----- > >From: Miles Thompson [mailto:[EMAIL PROTECTED]] > >Sent: Friday, 11 January 2002 3:08 AM > >To: Necro; [EMAIL PROTECTED] > >Subject: RE: [PHP-DB] MySQL Result Resource > > > > > >Can you try this puppy at the MySQL console? I'd dearly love to know where > >"andrewd" is coming from, it sounds like your username. > > > >Before executing mysql_query(), echo $arg and see what it prints. > > > >This is strange, but better than what we had - Miles Thompson > > > >At 02:54 AM 1/11/2002 +1100, Necro wrote: > > >Ok, > > >I have tried a few things now. I finally got it to echo the errors, >firstly > > >there was still a prob with MD5 values being in the apostrophes. > > >Then next error was no db was selected. So i added a mysql_select_db > > >statement. > > >Now i get this: > > > > > >1109 : Unknown table 'andrewd' in where clause > > > > > >andrewd being the username I am trying to get it to accept. > > > > > >Following lines are the current bit: > > > $arg = "select password, 1 as auth from acl where > > > username='$username' and > > >password=MD5($username.$password)"; > > > $result = mysql_query( $arg ) or die(mysql_errno()." : ". > > > mysql_error() ); > > > $row = mysql_fetch_array($result); > > > > > >Andrew > > > > > >-----Original Message----- > > >From: Miles Thompson [mailto:[EMAIL PROTECTED]] > > >Sent: Friday, 11 January 2002 2:36 AM > > >To: [EMAIL PROTECTED] > > >Subject: RE: [PHP-DB] MySQL Result Resource > > > > > > > > >Break up the code. > > > > > >I assume you are connecting to the database with mysql_connect() or > > >mysql_pconnect(). If not, do that. > > > > > >Echo your query so that you know it contains valid values. > > > > > >Break $row = mysql_fetch_array(mysql_db_query( DATABASE, $arg )); > > >into > > >$result = mysql_query( $arg ) or die(mysql_errno()." : ". >mysql_error() ); > > >$row = mysql_fetch_array($result) ) > > >then do whatever processing you need with the array $row. > > > > > >Miles > > > > > >PS Just reply to the list, if you reply directly to me I have one more > > >message to delete. <g> /mt > > > > > >At 02:10 AM 1/11/2002 +1100, Necro wrote: > > > >Yeh, I notice now the MD5 was wrong. > > > > > > > >But I still get the same error on line 104. If I try and replace it >with > > >the > > > >current query function then I get two errors. > > > > > > > >e.g. > > > >Warning: Supplied argument is not a valid MySQL-Link resource in > > > >d:\htdocs\infekt\packages\auth.inc on line 104 > > > > > > > >Warning: Supplied argument is not a valid MySQL result resource in > > > >d:\htdocs\infekt\packages\auth.inc on line 104 > > > > > > > >Andrew > > > > > > > > > > > >-----Original Message----- > > > >From: Miles Thompson [mailto:[EMAIL PROTECTED]] > > > >Sent: Friday, 11 January 2002 2:05 AM > > > >To: Necro; [EMAIL PROTECTED] > > > >Subject: Re: [PHP-DB] MySQL Result Resource > > > > > > > > > > > > > > > >The use of the MD5 function in the query doesn't look quite right. > > > >Shouldn't it be MD5('$password') or MD5('$username'.'$password') if > > > >concatenating? > > > > > > > >Also, mysql_db_query() has been a deprecated function for some time >now, > > > >mysql_query() is recommended. > > > > > > > >Hope this gets you going - Miles Thompson > > > > > > > >At 01:33 AM 1/11/2002 +1100, Necro wrote: > > > > >Lo all, > > > > > > > > > >Slight problem on an auth script... > > > > > > > > > > > > > > >Warning: Supplied argument is not a valid MySQL result resource in > > > > >d:\htdocs\infekt\packages\auth.inc on line 104 > > > > > > > > > > > > > > >Line 26: define( "DATABASE", "imanager" ); > > > > >Line 103: $arg = "select password, 1 as auth from acl where > > > > >username='$username' and password=MD5('$username','$password')"; > > > > >Line 104: $row = mysql_fetch_array(mysql_db_query( DATABASE, $arg )); > > > > > > > > > > > > > > >Can anyone help get this to work?? > > > > > > > > > >Thankyou. > > > > > > > > > >Andrew > > > > > > > > > > > > > > >-- > > > > >PHP Database Mailing List (http://www.php.net/) > > > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > >For additional commands, e-mail: [EMAIL PROTECTED] > > > > >To contact the list administrators, e-mail: > >[EMAIL PROTECTED] > > > > > > > > >-- > > >PHP Database Mailing List (http://www.php.net/) > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > >For additional commands, e-mail: [EMAIL PROTECTED] > > >To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > > > > > >-- > > >PHP Database Mailing List (http://www.php.net/) > > >To unsubscribe, e-mail: [EMAIL PROTECTED] > > >For additional commands, e-mail: [EMAIL PROTECTED] > > >To contact the list administrators, e-mail: [EMAIL PROTECTED] > > > > > >-- > >PHP Database Mailing List (http://www.php.net/) > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > >To contact the list administrators, e-mail: [EMAIL PROTECTED] > > >-- >PHP Database Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED] > > >-- >PHP Database Mailing List (http://www.php.net/) >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] >To contact the list administrators, e-mail: [EMAIL PROTECTED]
-- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]