Solved

login password verification

Posted on 2004-08-25
7
327 Views
Last Modified: 2008-03-06
I am fairly new to php.  I created a db table with passwords that I am trying to verify by means of a login box.  The password will load page with administrative options (add, modify, and delete menu).  The login box code contains:
echo("<form method='post' action='petsnamelist2.php3'>");
echo("<input type='password' name='pwauth' value='Password' size='10'>");
echo("<input type='submit' value='Submit'></p>");
echo("</form>");
The admin page (petsnamelist.php3) contains code:
$query_update = "SELECT * FROM pwd where passwd = " . $pwauth;
$query_result = mysql_query ($query_update);
if(!$query_result) {
echo ("<p>There was an error performing this SELECT query from the PETS table. " .
mysql_error() . "</p>");
exit();
}
I get the following error message: "There was an error performing this SELECT query from the password table. Unknown column '735step9' in 'where clause'"
I can't figure out why password value (735step9) is read as a column (column name is passwd) and not as a value?  I am just trying to verify value in db table.  Any ideas?  Thanks very much.
0
Comment
Question by:Sodus
7 Comments
 
LVL 13

Accepted Solution

by:
StormyWaters earned 125 total points
ID: 11894539
It should be in quotes.
"SELECT  * FROM pwd WHERE passwd = \"".$pwauth."\"";
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 11894729
or easier still

"SELECT * FROM pwd where passwd =  '$pwauth'";
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 11894827
if you have register globals off you would have to do it like this

$query_update = "SELECT * FROM pwd where passwd='".$_POST['pwauth']."'";
$query_result = mysql_query ($query_update) or die ("<p>There was an error performing this SELECT query from the PETS table. ".mysql_error()."</p>");
exit();


(significant change: $_POST['pwauth'] rather then $pwauth)
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 18

Expert Comment

by:arantius
ID: 11894969
Correct.  In SQL, just as in any programming language, string constants must be delimted with quotation marks.

@diablo84: or easier still
$query_update = "SELECT * FROM pwd where passwd='{$_POST['pwauth']}'";
0
 

Author Comment

by:Sodus
ID: 11896097
Thanks to StormyWaters, Diablo84, and arantius for answering my question.  Much appreciated.  Since all you responses worked I am going to have to divided up the points this way:
SormyWaters (45) - for first correct reply
Diablo84 (40)
arantius (40)

0
 

Author Comment

by:Sodus
ID: 11896234
My apologies, first time I am doing this.  I meant to split the 125 points three ways but apparently failed at that attempt.
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 11896374
Don't worry Sodus, the important thing is you got your answer :)
0

Featured Post

ScreenConnect 6.0 Free Trial

Want empowering updates? You're in the right place! Discover new features in ScreenConnect 6.0, based on partner feedback, to keep you business operating smoothly and optimally (the way it should be). Explore all of the extras and enhancements for yourself!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question