phpsycho Posted May 1, 2011 Share Posted May 1, 2011 When the form is summited it is supposed to check if the password field contained any text so that way it updates the password. so only if $password exists should it run that query. I tried all different ways of making that happen and it never works. I will summit the form without anything in the password field and it will still update the password to something encrypted in md5 anyways. <?php include ('header.php'); if(isset($_GET['sa'])) { switch ( $_GET['sa']) { case 'edit': edit(); break; } }else{ echo "<div class='header'>Edit admins</div><div class='content'>"; $query = mysql_query("SELECT * FROM `admins`"); while($row = mysql_fetch_array($query)){ $username = clean_up($row['username']); $id = clean_up($row['id']); $email = clean_up($row['email']); $website = clean_up($row['website']); echo "$id $username $email $website | <a href='index.php?action=editadmins&sa=edit&id=$id'> Edit</a><br>"; } echo "</div>"; } function edit() { $id = clean_up($_GET['id']); if(isset($_POST['submit'])){ $username = clean_up($_POST['username']); $password = md5(clean_up($_POST['password'])); $email = clean_up($_POST['email']); $website = clean_up($_POST['website']); if(isset($username)){ if(isset($password)){ mysql_query("UPDATE `admins` SET `password`='$password' WHERE `id`='$id'"); } mysql_query("UPDATE `admins` SET `username`='$username', `email`='$email', `website`='$website' WHERE `id`='$id'"); echo "<b><font color=green>Information edited. Go <a href='index.php'>home</a>?</font></b><br>"; }else{ echo "please enter a username"; } }else{ $query = mysql_query("SELECT * FROM `admins` WHERE `id`='$id'"); while($row = mysql_fetch_array($query)){ $username = clean_up($row['username']); $email = clean_up($row['email']); $website = clean_up($row['website']); echo "<div class='header'>Edit $username</div><div class='content'><form action='index.php?action=editadmins&sa=edit&id=$id' method='post'> <b>Username:</b> <input type='text' name='username' id='username' value='$username'><br> <b>Password:</b>(leave blank to keep same) <input type='password' name='password' id='password' value=''><br> <b>Email:</b> <input type='text' name='email' id='email' value='$email'><br> <b>Website:</b> <input type='text' name='website' id='website' value='$website'><br> <input type='submit' name='submit' id=submit' value='Edit $username'></form></div>"; } } } include('footer.php'); ?> Link to comment https://forums.phpfreaks.com/topic/235304-isset-empty-problem/ Share on other sites More sharing options...
teddyb Posted May 1, 2011 Share Posted May 1, 2011 i think your problem lies with the fact that the md5 of the empty string is d41d8cd98f00b204e9800998ecf8427e so $password contains that string after <?php $password = md5(clean_up($_POST['password'])); also isset will return true for the empty string Link to comment https://forums.phpfreaks.com/topic/235304-isset-empty-problem/#findComment-1209214 Share on other sites More sharing options...
fugix Posted May 1, 2011 Share Posted May 1, 2011 you can use empty() to check if the var contains any text, isset will only check if the variable exists Link to comment https://forums.phpfreaks.com/topic/235304-isset-empty-problem/#findComment-1209215 Share on other sites More sharing options...
phpsycho Posted May 1, 2011 Author Share Posted May 1, 2011 Yeah so I use this: if(empty($username)){ if(empty($password)){ mysql_query("UPDATE `admins` SET `password`='$password' WHERE `id`='$id'"); } mysql_query("UPDATE `admins` SET `username`='$username', `email`='$email', `website`='$website' WHERE `id`='$id'"); } nothing goes into the db now. so I try this: if(!empty($username)){ if(!empty($password)){ mysql_query("UPDATE `admins` SET `password`='$password' WHERE `id`='$id'"); } mysql_query("UPDATE `admins` SET `username`='$username', `email`='$email', `website`='$website' WHERE `id`='$id'"); } that inserts that empty md5 string Link to comment https://forums.phpfreaks.com/topic/235304-isset-empty-problem/#findComment-1209216 Share on other sites More sharing options...
teddyb Posted May 1, 2011 Share Posted May 1, 2011 You either want to md5 the password after checking it (better) or have <?php if ($password != "d41d8cd98f00b204e9800998ecf8427e") { //run query } Link to comment https://forums.phpfreaks.com/topic/235304-isset-empty-problem/#findComment-1209220 Share on other sites More sharing options...
PFMaBiSmAd Posted May 1, 2011 Share Posted May 1, 2011 Text/password form fields are set, even if they are empty. In your form processing code, you would need to test if the various fields are not empty, before you apply any function to the values in them. Link to comment https://forums.phpfreaks.com/topic/235304-isset-empty-problem/#findComment-1209221 Share on other sites More sharing options...
phpsycho Posted May 1, 2011 Author Share Posted May 1, 2011 okay thanks, it works. idk why I didn't think of that lol now is there a way to stop a space (blank character) or as many plus spaces from being summited in the password field? Link to comment https://forums.phpfreaks.com/topic/235304-isset-empty-problem/#findComment-1209222 Share on other sites More sharing options...
teddyb Posted May 1, 2011 Share Posted May 1, 2011 http://php.net/manual/en/function.trim.php Link to comment https://forums.phpfreaks.com/topic/235304-isset-empty-problem/#findComment-1209225 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.