Darren Kemp wrote:
Basically I just did a query to see if the user exists
with the
encrypted password.
$res = $db->query("SELECT password FROM users where
username='$username' and password=password('$password') ");
$row = $db->fetchObject( $res );
$newPass = $row->{'password'};
if we get something back we authed, otherwise we didnt.
Good luck!
Thanks
Darren
Yes, that's exactly what I proposed. But don't implement it like that!
It's vulnerable to SQL injection. You need to escape $username and
$password before including it into the query.
For example, providing as password (for any user) the string ') OR (''='
would *always* be accepted.