Answer the question
In order to leave comments, you need to log in
Is it possible to use functions inside a SQL query?
<?php
$login = filter_var(trim($_POST['login']),
FILTER_SANITIZE_STRING);
$password = filter_var(trim($_POST['password']),
FILTER_SANITIZE_STRING);
$mysql = new mysqli('localhost', 'root', '', 'register');
$result = $mysql->query("SELECT * FROM `users` WHERE `login` = '$login' AND 'password_verify($password, `password`)' = 1");
$mysql->close();
$user = $result->fetch_assoc();
if(count($user) == 0) {
echo 'Не было найдено такого пользователя';
exit();
}
Answer the question
In order to leave comments, you need to log in
Nuances when using SQL language functions:
$mysql = new mysqli('localhost', 'root', '', 'register');
$stmt = $mysql->prepare("SELECT `password` FROM `users` WHERE `login` = ?");
$stmt->bind_param('s', $login);
$stmt->execute();
$stms->bind_result($hash);
if (!$stmt->fetch() || !password_verify($password, $hash)) {
echo 'Error';
}
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question