Hello there i am having trouble on how to compare the password of the input and the one in the DB since the one in the DB is encrypted with the code below for registration i just used a stored procedure in the db and called it in the php code any ideas guys?

DECLARE @binarypassword varbinary(max);
	DECLARE @hexstring nvarchar(max);
	SET @hexstring = @PW;
	SELECT @binarypassword = Cast('' as xml).value('xs:hexBinary( substring(sql:variable("@hexstring"), sql:column("t.pos")) )', 'varbinary(max)')
	FROM (SELECT CASE SubString(@hexstring, 1, 2) when '0x' then 3 else 0 end) as t(pos)

thanks in advance!

encrypt the password received from input before comparing. that is for eg:

$pass = $_POST['pass']; //assumed u r using post 

$pass = encrypFunction($pass); //assumed that u r using a function to encrypt the password and that the function is, say, encrypFunction($s);
//$pass is now encrypted so now ud be comparing two encrypted passwords

$q = mssql_query("SELECT pass FROM user_table WHERE pass='".$pass."'");

hope this helps

the code i posted above is the MSSQL function that encrypts the password i am just wondering how to do it in php.

thanks for your fast reply btw

u could use the way i suggested earlier before inserting also. then theres all php. write a function in php to encrypt the password. u could use md5 or sha1 or stuff like that. heres a quick sample.

function encrypt($string){
        $salt = "abcd";
        $string = md5($string);
        $encrypted = $salt.$string;
        return $encrypted;

hope this helps

thats what im asking how could i convert the mssql query into a php script or someway to encrypt the pass ..

ps i need to use that encryption because i am making this for a game and that game uses that encryption...

is there a way that i could parse that code in mssql_query("") ? and get the result out then comapre that to the pass in the db?

anyone please? sorry for bumping this but it is at the 2nd page and noone will see it...