Jump to content
Larry Ullman's Book Forums

Pg 92. - Step #9 - Why Use Concatenate For The Password?


Recommended Posts

For #9, "Add user to the database" part of the code is:

	$q = "INSERT INTO users (username, email, pass, first_name, last_name, date_expires) VALUES ('$u', '$e', '" . password_hash($p, PASSWORD_BCRYPT) . "', '$fn', '$ln', ADDDATE(NOW(), INTERVAL 1 MONTH) )";
		$r = mysqli_query($dbc, $q);

I'm wondering why there is concatenating going on:

 '" . password_hash($p, PASSWORD_BCRYPT) . "'

What does this benefit?  Isn't this info just being dumped into the database as a string?

Link to comment
Share on other sites

The concatenation is just adding the output of the function to the query. Alternatively, you could call the function before the query, assign the results to a variable, and then use the variable within the query.

Link to comment
Share on other sites

 Share

×
×
  • Create New...