$this->db->get_where |
Hi, Good day.
I found this thing by mistake. 1) Controller Function Code: $id = trim($this->input->post('id')); Code: $query = $this->db->get_where('userinfo', array('id' => $id, 'password' => $pw)); a) When $pw is null Supposed SQL should be: Code: select * from userinfo where id = '$id' and password is null; Code: select * from userinfo where id = '$id'; Thanks
I'm not seeing anything in the code which would cause that SQL to be output when calling $this->db->get_where() with those arguments. However, after you've passed $this->input->post('pwd') through trim() and md5(), I don't think you're going to get null (this doesn't explain why 'password' is not in your where clause).
Additionally, you shouldn't be using md5() for passwords. See the PHP manual for details: http://php.net/manual/en/faq.passwords.p...s.fasthash
mwhitney is right: md5() of null (and any other hash) is not null. Make sure you have $pw inside your model.
Website: http://avenir.ro
You should be checking you input for null and then the recommended way to hash passwords now is with the PHP.Net password_hash() method.
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
|
Welcome Guest, Not a member yet? Register Sign In |