Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
SELECT
SHA1(CONCAT(users.salt, '$password')) = users.password
FROM users
WHERE
users.username = '$username'
If $username exist this will return true, doesn’t matter what password you put in =/
iI only want it to return true if username AND password is correct
What i want is, I want it to take the salt and password, rehash it with sha1 and compare it with user input
What am i doing wrong?
You didn’t say which database, but I don’t believe you can code a relational expression in a select clause as you have done. Try
If you get a row back the password matched; if no row comes back the password didn’t match or the user didn’t exist.