Php equal functions return different values

Question

Php equal functions return different values

Navigation

#1 by (5 votes)

0

I have this function:

function login($username, $password) {
    $user_id = user_id_from_user_name($username);

    $username = sanitize($username);
    $password = md5($password);

    return (mysql_result(mysql_query("SELECT COUNT('user_id')  FROM 'users' WHERE
        'username' = '$username' AND 'password' = '$password'"), 0) == 1) ? $user_id : false;
}

Which is the one that returns the correct result ( true if the username and pass match) but this one down, that I do not see diff no difference no longer works. Does anyone know what I'm doing wrong?

function login($username, $password) {
    $user_id = user_id_from_user_name($username);
    $query = mysql_query("SELECT COUNT('user_id')  FROM 'users' WHERE 'username' = '$username' AND 'password' = '$password'");

    $username = sanitize($username);
    $password = md5($password);

    return (mysql_result($query, 0) == 1) ? $user_id : false;
}

php return

asked by anonymous 17.04.2014 / 19:15

1 answer

How to make divisions in the software development process [closed] How to understand and start a rest service or soap [duplicate]

score 5 · Accepted Answer

In the first function, you are applying the MD5 hash in the $ password variable and sanitizing the $ username before doing the sql query.

In the second function, you are doing the sql query before applying the hash and the sanitize. Because of the lack of hash application in the password, the result of the query will be clearly different.