What would the SQL statement be to validate a password if the MySql table that looks like this:
user_id password salt
------- -------- ----
1 23ed2... m9f3m...
I tried:
select * from password_table
where user_id = 1
and password = shal(`salt` + 'password')
order by id desc
limit 1
which did not return anything. The algorithm is sha512 whirlpool.
In php it goes like this:
hash('sha512', hash('whirlpool', $password));
It is possible that it can't be done in an sql statement.
You cannot securely hash and verify passwords with an SQL-Statement, because salted hashes cannot be searched for, and because most databases do not offer appropriate hash functions.
Instead use a hash function like BCrypt, SCrypt or PBKDF2 from your development language. For verification first search for the hash by username/id only, and afterwards verify the found hash with the development language again.