Jump to content

form submission without changing encrypted password


knowNothing

Recommended Posts

I've got a user administration form where I can add a new user, and edit a current user's information.  When I choose to edit a user's info, I have a form that's auto-populated with the current information so I can simply make changes and hit "submit" to change the info.  When the form is populated, the password field is populated with the MD5 encryption of the user's password, so if I want to change something else, and hit "submit", it's going to re-encrypt the already-encrypted password, hence changing the password altogether.  Is there an easy way to not change the password, but make other changes, and still have the ability to change the password if needed?, or am I just missing something and being retarded..?
Link to comment
Share on other sites

if you want to include the ability to change the user's password from your cp, don't even bother having a "current password" field that is populated.  what's the point? it's md5 encrypted.  Instead, have 2 fields, one for "change password" and "change password confirmation" (2nd field optional at your discretion, if you feel that it is necessary for you. if not, then don't make a 2nd field).  Don't auto-populate the field.  When you process the form, check to see if this "change password" variable exists, and just concactonate the extra field assignment to your sql string if it does. if not, leave it as is, password not touched.
Link to comment
Share on other sites

[quote author=onlyican link=topic=109115.msg439632#msg439632 date=1158957010]
only encrypt the password before you add it to the database or cookies or what ever

[/quote]

ok, nevermind, I just figured this out, just needed some extra if statements.  When editing a user, I made it so the password field comes up blank (not populated).  If i submit with nothing in the password field, the password never gets updated in the table (decided by an "if" statement).  If I manually enter in another password, another quick "if" statment decides weather to update the table with the new password or not.

Thanks for your help anyway.
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.