MySQL PASSWORD () doesn't work with SELECT statement

Question

The password function in mysql works fine with me in inserting and updating such as here:

$query_insert = "INSERT INTO `account`(`Gender`, `Birth_date`, `Name`, `UserName`, `Password`, `Email`, `Type`) VALUES ('" . $gender . "' , '" . $birthdate . "' , '" . $name . "' , '" . $username . "' , password('" . $password . "') , '" . $email . "' , 'Member' ) ";    

it insert the hashed password correctly

but when i try to retrieve it in log in code it doesn't work !

mysqli_query($con, "SELECT * FROM account where UserName = '" . $username . "' AND password = password('" . $password . "') ");

I tried to use

mysqli_set_charset($con, 'utf8');

but the result is same I even tried to use it in PHPMyAdmin as a select query, and the same error !

UPDATE

I used MD5() and it worked with me !

Answer 1

As documented under PASSWORD():

Note

The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA2() instead. Also see RFC 2195, section 2 (Challenge-Response Authentication Mechanism (CRAM)), for more information about handling passwords and authentication securely in your applications.

Also, if you're rolling your own authentication system (which I'd strongly discourage), you really should read both The definitive guide to form based website authentication and Secure hash and salt for PHP passwords.