How do i get the password from the SQL database without it quoting the output?

Question

My code right now is

import mysql.connector import hashlib
 
cnx = mysql.connector.connect(user='root', password='!Joshua1',
                               host='127.0.0.1',
                               database='passwordhashtest')
 
cursor = cnx.cursor()
 
Password = input("Enter the password >>")       
hashpass = hashlib.md5(Password.encode('utf8')).hexdigest()
 
Email=input("number")
 
passwordcheck='''SELECT b FROM password2 WHERE a = %s AND b = %s'''

values=(Email,hashpass)
 
cursor.execute(passwordcheck,values) 
 
hashedpassindatabase=cursor.fetchone()
 
print(hashedpassindatabase)
 
if hashedpassindatabase==hashpass:
    print("Success!") else:
    print("error")`

My output comes out as:

('d1133275ee2118be63a577af759fc052',)

error

See my problem is the quotes and the comma! HOW DO I REMOVE THAT!?!?!??!

It seems impossible, i tried everything i can think of!

hashpass is stored as

d1133275ee2118be63a577af759fc052

If the data im getting from mysql doesnt include the quotes and the comma, then things would get verified pretty easily, but it isnt. THATS WHAT I DONT GET!!!!!!!!! HELP!!!!!!!!!!!!

See [this](https://stackoverflow.com/q/7011291/5320906) Q & A. — snakecharmerb, Oct 05 '20 at 14:36

score 0 · Answer 1 · answered Oct 05 '20 at 14:25

0

The return value of a DB API2 compliant cursor.fetchone() is a sequence (or None).

In your case, the result is a tuple with a single item:

t = ('d1133275ee2118be63a577af759fc052',)

To access this item, use t[0].

Or to stick to your variable names:

hashedpassindatabase = ('d1133275ee2118be63a577af759fc052',)
actual_value = hashedpassindatabase[0]
print(actual_value)

Output:

d1133275ee2118be63a577af759fc052

answered Oct 05 '20 at 14:25

Mike Scotty

10,530
5
38
50

THANK YOU SO MUCH!!!!!!!!! Also, this method of verifying passwords wont be an issue to privacy right? – Joshua Karthi Oct 05 '20 at 14:59
Storing password hashes and then comparing hashes is the way to go, while storing plain text passwords is a no-go, so you're on the right track. Off-Topic: MD5 is a weak hash, if you want to use stronger encryption, you could check out [passlib](https://passlib.readthedocs.io/en/stable/narr/hash-tutorial.html#verifying) – Mike Scotty Oct 05 '20 at 15:13

How do i get the password from the SQL database without it quoting the output?

1 Answers1