Forget that last post - sorry!!!
Instead of using password('$password') in the query string, I would insert a
line before connecting to the DB:
$newpass = password($password) <-- dont need quotes round here
then
$query = "SELECT username,password FROM users WHERE username=$username AND
password=$newpass";
As $username and $newpass are already inside double quotes you dont need to
put them in again!!
LJ
"Hawk" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> I've been trying to get this to work for a while, and everyone says that I
> should use the same thing, but it doesn't work, can anyone tell me what
I'm
> doing wrong?
> from the form on the previous page I have the $username and $password vars
>
> mysql_connect($host, $user, $pswd);
> mysql_select_db($db);
> $query = "SELECT username,password FROM users WHERE username='$username'
AND
> password=password('$password')";
> $result = mysql_query($query);
> $num = mysql_num_rows($result);
>
> the $query line is made up from what everyone has told me to write..
> I tried to add a list($usarname, $pessword) = mysql_fetch_row($result);
> and it returned "" .. but when I removed the "AND
> password=password('$password')" part the list showed the username and the
> password in encrypted form
> I don't know how this could help me in any way, but atleast it shows I
have
> an encrypted password, but the problem is that the line everyone uses
> doesn't work.. maybe I need to change some setting in mysql och php.ini or
> something? anyone have any idea?
> I know I've asked this several times but it doesn't seem like I'm
understood
> with my problem. Hope I will be now.
>
> Hawk
>
>
>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
