Darren Kemp wrote:
> Basically I just did a query to see if the user exists with the
> encrypted password.
>
> $res = $db->query("SELECT password FROM users where
> username='$username' and password=password('$password') ");
> $row = $db->fetchObject( $res );
> $newPass = $row->{'password'};
>
> if we get something back we authed, otherwise we didnt.
>
> Good luck!
>
> Thanks
>
> Darren
Yes, that's exactly what I proposed. But don't implement it like that!
It's vulnerable to SQL injection. You need to escape $username and
$password before including it into the query.
For example, providing as password (for any user) the string ') OR (''='
would *always* be accepted.
_______________________________________________
Wikitech-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
