Happy-melon wrote:
"Darren Kemp" darrenkemp@gmail.com wrote in message news:1d83a8940908261052h7feedb1fi5d841db6f99a39a7@mail.gmail.com...
I have solved this issue. Thanks to those who read and offered advice.
Using the method Michael Daly suggested? I know for a fact that I'm going to have to do this on a new project of mine in the next few weeks, it would be nice to have an idea of how to proceed.
--HM
I wouldn't perform an extra query just to encode the password.
MysqlAuthPlugin::authenticate($username, $password) { /**connect to mysql table */ mysql_query("SELECT host FROM user WHERE user='$username' AND password=PASSWORD('$password')"); //Need to be mysql_escaped for any real use
/* Iterate checking that at least one host matches the user one Or simply check that some row was returned, in which case you can add a LIMIT 1. */ }