(Another) MySQL Incompatible Built-In Function
The password built-in function in MySQL has different hashing engine since version 5 released. While this issues has been found by my own self after having a tiny research on how to synchronize the both different version in my latest web based project at State Education Department (Departemen Pendidikan Nasional) just couple days ago.
Incompatibility effect had been detected after using the function on the login form. The validation process somehow has failed, even the variable seemed OK. It was proved when I tried execute the SQL query manually. Get a common command below in both MySQL version <=4 and 5:
The MySQL <= 4 would return the result as:
While MySQL 5 would return the result as:
Just for additional information on how to resolve it, the MySQL 5 also support the old password with new built in function old_password. In order to resulting the same value of the password function in older MySQL, you may replace the old code with:
and the result is same as the previous version of MySQL:
Incompatibility effect had been detected after using the function on the login form. The validation process somehow has failed, even the variable seemed OK. It was proved when I tried execute the SQL query manually. Get a common command below in both MySQL version <=4 and 5:
select password(‘1’);
The MySQL <= 4 would return the result as:
606717496665bcba
While MySQL 5 would return the result as:
*E6CC90B878B948C35E92B003C792C46C58C4AF40
Just for additional information on how to resolve it, the MySQL 5 also support the old password with new built in function old_password. In order to resulting the same value of the password function in older MySQL, you may replace the old code with:
select old_password(‘1’);
and the result is same as the previous version of MySQL:
606717496665bcba
Labels: My Share
PS: If you've benefit from this blog, you can support it by making a small contribution. |
Anonymous said,
Thursday, September 13, 2007 2:21:00 PM
Thanks - This confirms what I have just discovered. why didn't they leave the old function algorithm intact and just call the new stronger function password64 or something like that - would solve a lot of problems when porting websites...