09-20-2007, 11:51 PM
|
#4 (permalink)
|
|
Moderateur
Join Date: Apr 2007
Posts: 1,393
Thanks: 5
|
I only asked because you aren't escaping anything in the code in your first post, in the authenticate method.
As for doing things in SQL, you could try something like the following (note, just typed off of the top of my head -- may contain errors).
PHP Code:
public function authenticate($szUser, $szPassword){
// Only the 'rank' column actually needs to be returned
// so no "SELECT *" here
$szSQL = sprintf("SELECT rank
FROM users
WHERE
pass = MD5(CONCAT(salt, '%s'))
AND user = '%s'
LIMIT 0,1",
mysql_real_escape_string($szPassword),
mysql_real_escape_string($szUser));
$aResult = mysql_query($szSQL) or die(mysql_error());
// If no rows are returned, our password didn't match
// for the supplied user name.
if (mysql_num_rows($aResult) == 1)
{
$aRow = mysql_fetch_assoc($aResult);
session_regenerate_id();
$_SESSION['logged'] = true;
$_SESSION['username'] = $szUser;
$_SESSION['rank'] = $aRow['rank'];
return true;
}
else
{
$_SESSION['logged'] = false;
$_SESSION['username'] = '';
$_SESSION['rank'] = '';
return false;
}
}
|
|
|
|