Re: [PHP] SQL Password() function

2005-11-28 Thread David Grant 
Ahmed Saad wrote:
 On 11/26/05, Yaswanth Narvaneni [EMAIL PROTECTED] wrote:
 I 'dont' want to use something like select * from table where
 table.passwd=password($passwd);
 
 (IIRC. they broke backward compatibility in
 version 5).. 

4.1 :(

Cheers,

David Grant

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: [PHP] SQL Password() function

2005-11-27 Thread Ahmed Saad 
On 11/26/05, Yaswanth Narvaneni [EMAIL PROTECTED] wrote:
 I 'dont' want to use something like select * from table where
 table.passwd=password($passwd);

Well, i think you  better use a specific password hashing function
rather than MySQL's password() 'cause it's implementation is not
consistent across versions (IIRC. they broke backward compatibility in
version 5).. Use md5() or sha1() so you know what alghorithm is used
and you can be almost sure that implementation across langauges and
versions is the same.

so when you store the password do a query like:

$sql .= INSERT INTO sometable (name, password) VALUES ('someuser',
md5('somepassword'));

PHP has an md5() and sha1() too, check the manual for  them

-ahmed

Re: [PHP] SQL Password() function

2005-11-27 Thread Gustavo Narea 

Hi.

Ahmed Saad wrote:

On 11/26/05, Yaswanth Narvaneni [EMAIL PROTECTED] wrote:


I 'dont' want to use something like select * from table where
table.passwd=password($passwd);



Well, i think you  better use a specific password hashing function
rather than MySQL's password() 'cause it's implementation is not
consistent across versions (IIRC. they broke backward compatibility in
version 5).. Use md5() or sha1() so you know what alghorithm is used
and you can be almost sure that implementation across langauges and
versions is the same.


Yes, That's something important.

Yaswanth, take a look at: 
http://phpsec.org/articles/2005/password-hashing.html


Regards.

--
Gustavo Narea.
PHP Documentation - Spanish Translation Team.
Valencia, Venezuela.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: [PHP] SQL in Function

2001-11-26 Thread Mark Roedel 

 -Original Message-
 From: Oosten, Sjoerd van [mailto:[EMAIL PROTECTED]] 
 Sent: Thursday, November 22, 2001 2:01 AM
 To: '[EMAIL PROTECTED]'
 Subject: [PHP] SQL in Function
 
 
 function Activeyesno($month,$day,$year,$Project_id){
 $dayactief = mktime(0, 0, 0, $month, $day, $year);
 $daytemp = date(Y-m-d, $dayactief);
 $resultactive = mysql_query(SELECT * FROM EIAProjecten WHERE
 ((Project_begindatum = '$daytemp' AND Project_id = '$Project_id') OR
 (Project_einddatum = '$daytemp' AND Project_id =
'$Project_id')),$db);

 $num_rows = mysql_num_rows($resultactive);
 if ($num_rows == '1'){
 return red; }
 }

 1. Is it possible to make a sql connection in my function

Yes.

 2. did i do something wrong?

Yes.

The thing you have to remember is that your database link identifiers,
etc., follow the same rules of scope as any other variable (and thus,
need to either be passed into your function as parameters or declared as
global).

Specifically, in your case, the $db variable referenced in your
mysql_query() call  doesn't appear to have a value that's local to this
function.


---
Mark Roedel |  Blessed is he who has learned to laugh
Systems Programmer  |   at himself, for he shall never cease
LeTourneau University   |   to be entertained.
Longview, Texas, USA|   -- John Powell 

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Re: [PHP] SQL in Function

2001-11-22 Thread David Robley 

On Thu, 22 Nov 2001 18:30, Oosten, Sjoerd van wrote:
 Hello, im a newbie in writing functions but right now im trying to.

 I have made the following function

 // FUNCTION TO DECIDE WHETHER A PROJECT IS IN BETWEEN PROJECTBEGIN AND
 PROJECTEND , YES OR NO

 function Activeyesno($month,$day,$year,$Project_id){
 $dayactief = mktime(0, 0, 0, $month, $day, $year);
 $daytemp = date(Y-m-d, $dayactief);
 $resultactive = mysql_query(SELECT * FROM EIAProjecten WHERE
 ((Project_begindatum = '$daytemp' AND Project_id = '$Project_id') OR
 (Project_einddatum = '$daytemp' AND Project_id =
 '$Project_id')),$db);

 $num_rows = mysql_num_rows($resultactive);
 if ($num_rows == '1'){
 return red; }
 }


 AND i'm calling this function in an while loop

 ? echo Activeyesno($month,$day,$year,$Project_id); ?

 (I translated it into english so maybe some mistakes!)

 When i try to call the function i get a mysql error every time, even
 when i make $resultactive (SELECT * FROM EIAProjecten) // NO DATE

 1. Is it possible to make a sql connection in my function
 2. did i do something wrong?

 Can somebody help me?


What is the error?

-- 
David Robley  Techno-JoaT, Web Maintainer, Mail List Admin, etc
CENTRE FOR INJURY STUDIES  Flinders University, SOUTH AUSTRALIA  

   (This tagline in Stereo where available)

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]