Jump to content
Larry Ullman's Book Forums

Recommended Posts

I have downloaded script 8.7 from the LU web site and installed it on my web site as part of working through the book.  However, every time I enter the correct information it keeps telling me the email and password do not match.

I can't find any errata details for this or any listings on the Forum.

Any ideas?

Link to comment
Share on other sites

I don't have the book or code in front of me, but generally in this situation, you'd start by printing out the query being executed and running it directly to see the result. You can also remove each of the conditionals to see if it's the email address that's not matching or the password. 

Link to comment
Share on other sites

Larry,

 

Thanks, I broke down the conditionals:

  
from: $q = "SELECT user_id FROM users WHERE (email='$e' AND pass=SHA1('$p') )";
    
to  $q = "SELECT user_id FROM users WHERE (email='$e')";
    
and/ $q = "SELECT user_id FROM users WHERE (pass=SHA1('$p') )";

 

in turn.  The script worked if I used only the email one, but if I included the password one it didn't find a match.

 

I added a line to print the password and coded password on the screen.  For password m1 the encoded password is: fc23764ac5b792f40bb1a00c0e3284e45f3f49c0 - 40 characters, but this is nothing like the 20 character one I see in phpmyadmin: 32d332da761f44df7959 for the same password.

 

I can't see why I get 40 characters when the max length is set to 20 - although the maxlength is set prior to coding, should it still apply after the SHA1 coding?

 

This difference explains why the conditional fails - but I can't see how to resolve this.

Link to comment
Share on other sites

Larry,

 

Many thanks, all working now with CHAR(40).

 

Although I note the encoded password returned by:

 

echo '<p>new encoded password is: ' . SHA1('$np') .'.</p>';;

on my script is different to that listed in phpmyadmin (after refreshing once script 8.7 tells me the password has been updated).  Maybe that is a quirk of phpmyadmin!

Link to comment
Share on other sites

 Share

×
×
  • Create New...