Jump to content


Photo

form submission without changing encrypted password


  • Please log in to reply
3 replies to this topic

#1 knowNothing

knowNothing
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 22 September 2006 - 08:01 PM

I've got a user administration form where I can add a new user, and edit a current user's information.  When I choose to edit a user's info, I have a form that's auto-populated with the current information so I can simply make changes and hit "submit" to change the info.  When the form is populated, the password field is populated with the MD5 encryption of the user's password, so if I want to change something else, and hit "submit", it's going to re-encrypt the already-encrypted password, hence changing the password altogether.  Is there an easy way to not change the password, but make other changes, and still have the ability to change the password if needed?, or am I just missing something and being retarded..?

#2 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 22 September 2006 - 08:30 PM

only encrypt the password before you add it to the database or cookies or what ever

Tell me the problem, I will try tell you the solution

#3 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 22 September 2006 - 08:36 PM

if you want to include the ability to change the user's password from your cp, don't even bother having a "current password" field that is populated.  what's the point? it's md5 encrypted.  Instead, have 2 fields, one for "change password" and "change password confirmation" (2nd field optional at your discretion, if you feel that it is necessary for you. if not, then don't make a 2nd field).  Don't auto-populate the field.  When you process the form, check to see if this "change password" variable exists, and just concactonate the extra field assignment to your sql string if it does. if not, leave it as is, password not touched.
Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#4 knowNothing

knowNothing
  • Members
  • PipPip
  • Member
  • 24 posts

Posted 22 September 2006 - 08:44 PM

only encrypt the password before you add it to the database or cookies or what ever


ok, nevermind, I just figured this out, just needed some extra if statements.  When editing a user, I made it so the password field comes up blank (not populated).  If i submit with nothing in the password field, the password never gets updated in the table (decided by an "if" statement).  If I manually enter in another password, another quick "if" statment decides weather to update the table with the new password or not.

Thanks for your help anyway.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users