MD5 entry in Mysql...?

P

Peter Bishop2016-05-20 11:26:00

PHP

Peter Bishop, 2016-05-20 11:26:00

$name = $username;$email = $params['password']; //так все сохраняет///////////////////////////////////////

//$email = md5($params['password']);//А если сделать так - пароль не сохраняется вообще(собственно, при выполнении скрипта в ответ тишина, может и имя не сохраняется)

///////////////////////////////////////

$query = "INSERT INTO $userstable VALUES('$name','$email', '$preference')";

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

D

Dmitry Kim, 2016-05-21
@Peter_Bishop

Using code like this

$query = "INSERT INTO $userstable VALUES('$name','$email', '$preference')";

you must be sure that the first three fields of the $usertable must be name, email and preference, the rest must have default values. This is first. Secondly, it is bad practice to write queries with inserting variables directly into the query string (read about SQL injections). Thirdly, apparently - instead of $email = md5($params['password'])expected $password = md5($params['password']). Fourth, how can a password be saved if you don't insert it into the database at all?

U

Uwe_Boll, 2016-05-20
@Uwe_Boll

full code of the form and handler in the studio and what comes in the request there

V

VitGun, 2016-05-20
@VitGun

what type and size of the e-mail field?
the fact that the line is commented out - is this normal?