String comparision issue with change of databases

Hi All,
I am trying to write a simple user verification(not using MD5 hash) . I have
users table in database which contains login_id and passwd for registered
users. I am using PDO for this purpose. If i use MySQL database, following
code for user verification works well without any problem. But if change
$dsn to use PostgreSQL database, code fails at if( $passwd ===
$records[0]['passwd']). After some experiementation, I realized that $passwd
holds password string ( assume '1234' for time being) In case of MySQL
$records[0]['passwd'] holds password string '1234' as expected and code
works. But in case of PostgreSQL, $records[0]['passwd'] holds 1234 rather
than '1234' and hence comparison fails. Since I am using same code to
register users in both cases, I doubt there would be any issue there.

{
$loginId = $_REQUEST['loginid'];
$passwd = $_REQUEST['passwd'];

$dsn = "mysql:host=$hostName;dbname=$dbName";
$query = "SELECT * FROM users WHERE login_id='$loginId';";

$dbh = new PDO($dsn, $userName, $passWd);

$result = $dbh->query($query);
$records = $result->fetchAll(PDO::FETCH_ASSOC);

if(!count($records))
{
echo '
User does not exist! Get Resgitered
Now!!';
}
else
{
if( $passwd === $records[0]['passwd'])
{
echo '
User '.$loginId.' logged in successfully!';
}
else
{
echo '
Invalid Password! ';
}
}
$dbh = null;
}

Any pointers please? Any hints?

Thanks,
Pravin

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: String comparision issue with change of databases

Tamkhane, Pravin wrote:
> Hi All,
> I am trying to write a simple user verification(not using MD5 hash) . I
> have users table in database which contains login_id and passwd for
> registered users. I am using PDO for this purpose. If i use MySQL
> database, following code for user verification works well without any
> problem. But if change $dsn to use PostgreSQL database, code fails at
> if( $passwd === $records[0]['passwd']). After some experiementation, I
> realized that $passwd holds password string ( assume '1234' for time
> being) In case of MySQL $records[0]['passwd'] holds password string
> '1234' as expected and code works. But in case of PostgreSQL,
> $records[0]['passwd'] holds 1234 rather than '1234' and hence comparison
> fails. Since I am using same code to register users in both cases, I
> doubt there would be any issue there.

You're using === which does a type *and* value comparison. I'm guessing
that the MySQL driver does the conversion to an integer, whereas the
PostgreSQL driver doesn't. Change it to == and it'll work just fine.

-Stut

--
http://stut.net/

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: String comparision issue with change of databases

On Nov 23, 2007 5:42 PM, Stut wrote:
> Tamkhane, Pravin wrote:
> > Hi All,
> > I am trying to write a simple user verification(not using MD5 hash) . I
> > have users table in database which contains login_id and passwd for
> > registered users. I am using PDO for this purpose. If i use MySQL
> > database, following code for user verification works well without any
> > problem. But if change $dsn to use PostgreSQL database, code fails at
> > if( $passwd === $records[0]['passwd']). After some experiementation, I
> > realized that $passwd holds password string ( assume '1234' for time
> > being) In case of MySQL $records[0]['passwd'] holds password string
> > '1234' as expected and code works. But in case of PostgreSQL,
> > $records[0]['passwd'] holds 1234 rather than '1234' and hence comparison
> > fails. Since I am using same code to register users in both cases, I
> > doubt there would be any issue there.
>
> You're using === which does a type *and* value comparison. I'm guessing
> that the MySQL driver does the conversion to an integer, whereas the
> PostgreSQL driver doesn't. Change it to == and it'll work just fine.

Actually the real issue was, while creating table in PostgreSQL, I
used character(n) type for login_id and passwd columns, which actually
will padd spaces at the end of login_id and passwd string to fill it
upto n. Changing datatype of these columns to character varying (n)
solves the problem. Hope this saves time for someone.

Thanks,
Pravin

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php