User Authentication Error

$sql = “select last from admin where user = ‘$_POST[user]’ AND password = old_password(’$_POST[password]’)”;

I am using php 5.5 with mysqli
I am getting this error
FUNCTION upsn_database1.old_password does not exist

First of all, why are you using php 5.5? Most servers now are way beyond php 5.5 and I don’t even know if 5.5 is still supported?

Anyways, you should be using password password_hash and password_verify - I’m pretty sure those functions are still built into php 5.5, but if not they can be added. Though it still would be easier to use a later version of PHP.

You also should be using prepared statements instead of inserting a user’s supplied data directly into the query string. Other than that I don’t know what you are doing, but it sounds like function uspn_database… doesn’t exist.

MySQL has functions like other programming languages. When you use the form foo(bar), MySQL assumes you’re trying to call the function foo() and breaks when it can’t find it.

It looks like you’re just trying to thrash out an authentication system; that’s a dangerous project to learn on but if you want to, you should take care to get a better idea of the fundamentals of both MySQL and secure database interaction in PHP.

1 Like

The MySql password hashing functions where NEVER intended to be used for public-side user information. If this is just a script/query you found and are trying to make it work, forget you ever saw this.

Sponsor our Newsletter | Privacy Policy | Terms of Service