Php equal functions return different values

Question

Php equal functions return different values

Asked 10 years, 7 months ago

Viewed 89 times

0

I have this function:

function login($username, $password) {
    $user_id = user_id_from_user_name($username);

    $username = sanitize($username);
    $password = md5($password);

    return (mysql_result(mysql_query("SELECT COUNT(`user_id`)  FROM `users` WHERE
        `username` = '$username' AND `password` = '$password'"), 0) == 1) ? $user_id : false;
}

Which is what returns the correct result (true if username and pass match) but this down, that I don’t see dif no difference no longer works. Someone knows what I’m doing wrong?

function login($username, $password) {
    $user_id = user_id_from_user_name($username);
    $query = mysql_query("SELECT COUNT(`user_id`)  FROM `users` WHERE `username` = '$username' AND `password` = '$password'");

    $username = sanitize($username);
    $password = md5($password);

    return (mysql_result($query, 0) == 1) ? $user_id : false;
}

1 answer

Browser other questions tagged php return

You are not signed in. Login or sign up in order to post.

by Paulo Coghi • **166** points · Answer 1 · 2014-04-17T17:20:54+00:00

In the first function, you are applying the MD5 hash to the $password variable and sanitizing the $username before to make the query sql.

In the second function, you are doing the sql query before applying the hash and Sanitize. Because of the lack of hash application in the password, the result of the query will be clearly different.