Is this syntax is correct?
in [Databases]
|
From: nagendra prasad on 5 Sep 2010 09:18 Hi All, Is this syntax is correct?? SELECT username FROM data, password FROM registration WHERE username=%s AND password=%s" Best, Guru.
From: Amit Tandon on 6 Sep 2010 10:48 SELECT d.username, r.password FROM data join registration r on r.username = d.username WHERE r.username like '%s' AND r.password like '%s'" Presuming the password stored as clear text and username is common field SELECT d.username, r.password FROM data join registration r on r.username = d.username WHERE r.username like '%s' AND r.password like '%s'" or SELECT d.username FROM data as d, registration as r WHERE r.username like '%s' AND and r.password like '%s'" and r.username = d.username ============ regds amit "The difference between fiction and reality? Fiction has to make sense." On Sun, Sep 5, 2010 at 6:48 PM, nagendra prasad <nagendra802000(a)gmail.com>wrote: > Hi All, > > Is this syntax is correct?? > > SELECT username FROM data, password FROM registration WHERE username=%s AND > password=%s" > > > Best, > Guru. >
From: Ken Kixmoeller on 6 Sep 2010 11:11 Amit Tandon wrote: > SELECT d.username, r.password FROM data join registration r on r.username >> SELECT username FROM data, password FROM registration WHERE username=%s AND >> password=%s" Oh, boy -- "r on r"?? Obviously the guy is a rookie. Let's be simple: SELECT data.username,registration.password FROM data inner join registration ON data.<linking_field> = registration.<linking_field> WHERE username=%s AND password=%s" <linking_field> is the name of the common field in each table, such as "user_id". Comments: 1. "data" is a really bad name for a table. You will confuse the heck out of yourself and others who follow you. Change it. 2. As Amit kind of said, no password should be stored in a table (available on a web server) without encrypting the password information. Ken
From: Richard Quadling on 6 Sep 2010 11:15 On 6 September 2010 16:11, Ken Kixmoeller <KixJaguar(a)comcast.net> wrote: > 2. As Amit kind of said, no password should be stored in a table (available > on a web server) without encrypting the password information. I'd go further and say "no password should be stored in a table". A hash of the salted password, sure. -- Richard Quadling Twitter : EE : Zend @RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY
|
Pages: 1 Prev: Select the specific user data from the database Next: AUTO_INCREMENT value |