|
Subject:
|
case sensitivity neglection
|
|
Posted By:
|
chayanvinayak
|
Post Date:
|
4/20/2006 1:29:06 PM
|
i am using php/mysql ,my authentication page does not handle case sensitivity, user can enter to secure area by entering
password :aaa or password: AAA . please suggest me the solution
chayan vinayak goswami
|
|
Reply By:
|
richard.york
|
Reply Date:
|
4/20/2006 1:53:59 PM
|
Depends on how you're authenticating the password. What algorithm are you using?? md5? MySQL's built-in password? Is the password stored encrypted?
I need more information before I can "suggest you the solution". For instance, show me the relevent bit of PHP code where password authentication is happening.
Regards,
Rich
--
Author,
Beginning CSS: Cascading Style Sheets For Web Design
CSS Instant Results
http://www.catb.org/~esr/faqs/smart-questions.html
|
|
Reply By:
|
chayanvinayak
|
Reply Date:
|
4/20/2006 2:19:21 PM
|
i have not use any encryption , i have used following script:
<?php
mysql_connect("localhost", "game_cvg", "cvg");
mysql_select_db("game_accounts");
session_start();
$userid = $_GET['userid'];
$password = $_GET['password'];
$status = 0;
$result = mysql_query("
SELECT credits FROM accounts
where userid = '$userid' and password = '$password' LIMIT 1");
if ($result && @mysql_num_rows($result)) {
// $status = 1;
include(gallery.html");
}
else{
$status = 0;
}
echo $status;
?>
chayan vinayak goswami
|
|
Reply By:
|
richard.york
|
Reply Date:
|
4/20/2006 2:27:52 PM
|
> i have not use any encryption , i have used following script:
I beleive you have to change the collation of the column so that all queries performed against it are case-sensitive.
http://dev.mysql.com/doc/refman/5.0/en/case-sensitivity.html
HTH!
Regards,
Rich
--
Author,
Beginning CSS: Cascading Style Sheets For Web Design
CSS Instant Results
http://www.catb.org/~esr/faqs/smart-questions.html
|
|
Reply By:
|
chayanvinayak
|
Reply Date:
|
4/20/2006 10:42:30 PM
|
thanks richard.york , problem eradicated...
chayan vinayak goswami
|
|
Reply By:
|
chayanvinayak
|
Reply Date:
|
4/22/2006 1:56:54 AM
|
when i give query :
SELECT * FROM accounts WHERE userid='$userid' AND password='$password' COLLATE latin1_general_cs
it give following error.
cannot execute query: You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'COLLATE latin1_general_cs' at line 1
chayan vinayak goswami
|
