password() vs md5()

New Articles

Java PLAF and UIDefaults.

Comparision of Date and Time fields.

Making up the numbers

We are halfway through migrating the rad user manager from mysql to postgresql. In the last step you may have pointed your browser to your Rad User installation and attempted to login, only to find that it does not just work yet.

The reason that you are still unable to login is that the code still uses the password() function of mysql, a function that is not availble in postgresql. Indeed the use of password() was a poor choice since it is not even compatible with older version of mysql. It would have been better to have used md5() instead - a function that is avialable on both postgresql and mysql. If in the future we need to make the system compatible with different database that does not support the md5() function we can then make use of the corresponding function in PHP.

Since backward compatibility is another factor that we need to watch out for instead of blindly changing all occurances of password() to md5(), we will use another configuration setting to let the downloader have the option of using the old password() function with mysql databases. Here is how signup.php looks like when we make the relevent changes:

	if($user_password_function == 1)
	{
		$query = "insert into users SET
			userName = '$username',
			userPassword = password('$password'),
			userStatus =$userStatus";
	}
	else
	{
		$query = "insert into users SET
			userName = '$username',
			userPassword = md5('$password'),
			userStatus =$userStatus";
	}

We have to make similar changes in all other files where calls to the password() function including the login.php script. Even after making all those changes you will still find yourself unable to login to the system. That is because in certain places we use the mysql_num_rows() method to determine if a valid result set has been returned. Let's try to change that and a few more things in the next step.

 

  Part 1:   Getting Started   ,   The Schema   ,   Queries
  Part 2:   Passwords   ,   Times Up   ,   Errors   ,   Download