Blank password should not be updated

piyusharora420 · June 8, 2012

Hello Everyone,

I have created simple reg/login forms. I also provided option to user for updating his/her profile. When a user navigate to updation page, they get prefilled fields. But, password is not pre filled for security reasons. So, if a user update his profile without worrying about password, then password should not be updated. In my case, password blanked out in database.

Thanks in advance.

l0gic · June 8, 2012

Can you post the code you have so far?

piyusharora420 · June 8, 2012

Sure, here is the code:

<?php

session_start();

include_once "includes/db.php";

include_once "includes/functions.php";

$err="";

//Check if session exists

if(isset($_SESSION['email']))

{

$db=new DB();

$result=$db->selectFetch("reg_form","Email='".$_SESSION['email']."'");

//Checking if form is submitted

if(isset($_POST['Submit']))

{

//assign values to variables if form is submitted

$f_name=trim($_POST['f_name']);

$l_name=trim($_POST['l_name']);

$email=trim($_POST['email']);

$password=trim(base64_encode($_POST['password']));

$tools=new validations();

$err=$tools->validateFirstName($f_name);

$err.=$tools->validateLastName($l_name);

$err.=$tools->validateEmail($email);

if($err=="")

{

$update=$db->update($_SESSION['email'],$email,$password,$f_name,$l_name);

if($update==true)

{

header('location:profileUpdated.php');

}}

else

{

echo $err;

}

else

{

header('location:login.php');

}

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<title>Untitled Document</title>

</head>

<body>

<tr><td>First Name:</td><td><input type="text" name="f_name" id="f_name" value="<?php echo $result->f_name; ?>"></td></tr>

<tr><td>Your Email</td><td><input type="text" name="email" id="email" onBlur="showHint(this.value)" onkeyup="showHint(this.value)" onKeyDown="showHint(this.value)" value="<?php echo $result->Email; ?>"></td><td style="border:0px"><span id="txtHint" ></span></td></tr>

<tr><td>Password:</td><td><input type="password" name="password" id="password"></td></tr>

</table></form>

</body>

</html>

piyusharora420 · June 8, 2012

Also, javascript is not working for this page. Please have a look on the below js file:

// JavaScript Document

function check_input()

{

// Stored values in variables

var f_name=document.getElementById("f_name").value;

var l_name=document.getElementById("l_name").value;

var email=document.getElementById("email").value.toLowerCase();

var remail=document.getElementById("re-email").value.toLowerCase();

var password=document.getElementById("password").value;

var l_name=document.getElementById("l_name").value;

var emailRegex=/^[a-zA-Z\_][\w\-\.\+]+\@[a-zA-Z0-9\.\-]+\.[a-zA-z0-9]{2,4}$/;

var nameRegex=/^[a-zA-Z]+$/;

if(!(f_name.match(nameRegex)))

{

alert("First name can contains only alphabets");

document.getElementById('f_name').focus();

return false;

}

if(!(l_name.match(nameRegex)))

{

alert("last name can contain only alphabets");

document.getElementById('l_name').focus();

return false;

}

//email format should match with the emailRegex

if(!email.match(emailRegex))

{

alert("invalid email address");

document.getElementById('email').focus();

return false;

}

if(!remail.match(emailRegex))

{

alert("invalid email address");

document.getElementById('re-email').focus();

return false;

}

if(email!=remail)

{

alert("emails do not match");

return false;

}

//Password Length should be b/w 8 and 15

if(password.length<=8 || password.length>=15)

{

alert("password length should be b/w 8 and 15");

document.getElementById('password').focus();

return false;

}

if(document.getElementById('gender').value=="")

{

alert("please select your gender");

document.getElementById('gender').focus();

return false;

}

return true;

}

function showHint(str)

{

var xmlhttp;

if (str.length==0)

{

document.getElementById("txtHint").innerHTML="";

return;

}

if (window.XMLHttpRequest)

{// code for IE7+, Firefox, Chrome, Opera, Safari

xmlhttp=new XMLHttpRequest();

}

else

{// code for IE6, IE5

xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");

}

xmlhttp.onreadystatechange=function()

{

if (xmlhttp.readyState==4 && xmlhttp.status==200)

{

document.getElementById("txtHint").innerHTML=xmlhttp.responseText;

}

//Request opened

xmlhttp.open("GET","reg_ajax.php?q="+str,true);

//Request sent

xmlhttp.send();

}

function check_input_login()

{

var email=document.login.email.value;

var password=document.login.password.value;

var emailRegex=/^[a-zA-Z\_][\w\-\.\+]+\@[a-zA-Z0-9\.\-]+\.[a-zA-z0-9]{2,4}$/;

if(!(email.match(emailRegex)))

{

alert("Invalid Email Address");

document.login.email.focus();

return false;

}

if(password.length<=8 || password.length>=15)

{

alert("password length should be b/w 8 and 15");

document.login.password.focus();

return false;

}

return true;

}

function update()

{

var f_name=document.getElementById("f_name").value;

var l_name=document.getElementById("l_name").value;

var email=document.getElementById("email").value.toLowerCase();

var emailRegex=/^[a-zA-Z\_][\w\-\.\+]+\@[a-zA-Z0-9\.\-]+\.[a-zA-z0-9]{2,4}$/;

var nameRegex=/^[a-zA-Z]+$/;

if(!(f_name.match(nameRegex)))

{

alert("First name can contains only alphabets");

document.getElementById('f_name').focus();

return false;

}

if(!(l_name.match(nameRegex)))

{

alert("last name can contain only alphabets");

document.getElementById('l_name').focus();

return false;

}

//email format should match with the emailRegex

if(!email.match(emailRegex))

{

alert("invalid email address");

document.getElementById('email').focus();

return false;

}

return true;

}

l0gic · June 8, 2012

For my sanity and others, can you wrap the code in BB Tags

[code]

at the start and [/code] at the end?

piyusharora420 · June 8, 2012

Sure,

<?php
session_start();
include_once "includes/db.php";
include_once "includes/functions.php";
$err="";
//Check if session exists
if(isset($_SESSION['email']))
{
   $db=new DB();
   $result=$db->selectFetch("reg_form","Email='".$_SESSION['email']."'");
   
      //Checking if form is submitted
if(isset($_POST['Submit']))
{
   //assign values to variables if form is submitted
   
$f_name=trim($_POST['f_name']);
$l_name=trim($_POST['l_name']);
$email=trim($_POST['email']);
$password=trim(base64_encode($_POST['password']));
$tools=new validations();
      $err=$tools->validateFirstName($f_name);
      $err.=$tools->validateLastName($l_name);
      $err.=$tools->validateEmail($email);
      
      if($err=="")
      {

$update=$db->update($_SESSION['email'],$email,$password,$f_name,$l_name);

if($update==true)
{
   header('location:profileUpdated.php');
}}
else
{
   echo $err;
      }

}
}
else
{
   header('location:login.php');
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><script type="text/javascript" src="js/validationsAjax.js"></script>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<form method="post" enctype="multipart/form-data" name="reg" id="reg" ><table border="1" >
<tr><td>First Name:</td><td><input type="text" name="f_name" id="f_name" value="<?php echo $result->f_name; ?>"></td></tr>
<tr><td>Last Name</td><td><input type="text" name="l_name" id="l_name" value="<?php echo $result->l_name; ?>"></td></tr>
<tr><td>Your Email</td><td><input type="text" name="email" id="email" onBlur="showHint(this.value)" onkeyup="showHint(this.value)" onKeyDown="showHint(this.value)" value="<?php echo $result->Email; ?>"></td><td style="border:0px"><span id="txtHint" ></span></td></tr>
<tr><td><input type="file" name="image" /></td></tr>
<tr><td>Password:</td><td><input type="password" name="password" id="password"></td></tr>
<input type="submit" name="Submit" value="Update" onClick="return update()">
</table></form>
</body>
</html>

piyusharora420 · June 8, 2012

Here is tha JavaScript code:

// JavaScript Document
function check_input()
{
   // Stored values in variables
var f_name=document.getElementById("f_name").value;
var l_name=document.getElementById("l_name").value;
var email=document.getElementById("email").value.toLowerCase();
var remail=document.getElementById("re-email").value.toLowerCase();
var password=document.getElementById("password").value;
var l_name=document.getElementById("l_name").value;
var emailRegex=/^[a-zA-Z\_][\w\-\.\+]+\@[a-zA-Z0-9\.\-]+\.[a-zA-z0-9]{2,4}$/;
var nameRegex=/^[a-zA-Z]+$/;
if(!(f_name.match(nameRegex)))
{
alert("First name can contains only alphabets");
document.getElementById('f_name').focus();
return false;
}
if(!(l_name.match(nameRegex)))
{
alert("last name can contain only alphabets");
document.getElementById('l_name').focus();
return false;
}

//email format should match with the emailRegex
if(!email.match(emailRegex))
{
alert("invalid email address");
document.getElementById('email').focus();
return false;
}
if(!remail.match(emailRegex))
{
alert("invalid email address");
document.getElementById('re-email').focus();
return false;
}
if(email!=remail)
{
   alert("emails do not match");
   return false;
}
//Password Length should be b/w 8 and 15

if(password.length<=8 || password.length>=15)
{
alert("password length should be b/w 8 and 15");
document.getElementById('password').focus();
return false;
}
if(document.getElementById('gender').value=="")
{
alert("please select your gender");
document.getElementById('gender').focus();
return false;
}

return true;
}

function showHint(str)
{
var xmlhttp;
if (str.length==0)
  {
  document.getElementById("txtHint").innerHTML="";
  return;
  }
if (window.XMLHttpRequest)
  {// code for IE7+, Firefox, Chrome, Opera, Safari
  xmlhttp=new XMLHttpRequest();
  }
else
  {// code for IE6, IE5
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
  }
xmlhttp.onreadystatechange=function()
  {
  if (xmlhttp.readyState==4 && xmlhttp.status==200)
    {
    document.getElementById("txtHint").innerHTML=xmlhttp.responseText;
    }
  }
  //Request opened
xmlhttp.open("GET","reg_ajax.php?q="+str,true);
//Request sent
xmlhttp.send();
}
function check_input_login()
{
   var email=document.login.email.value;
   var password=document.login.password.value;
   var emailRegex=/^[a-zA-Z\_][\w\-\.\+]+\@[a-zA-Z0-9\.\-]+\.[a-zA-z0-9]{2,4}$/;
   if(!(email.match(emailRegex)))
   {
      alert("Invalid Email Address");
      document.login.email.focus();
      return false;
   
   }

   if(password.length<=8 || password.length>=15)
{
alert("password length should be b/w 8 and 15");
document.login.password.focus();
return false;
}
return true;
}
function update()
{
   
   var f_name=document.getElementById("f_name").value;
var l_name=document.getElementById("l_name").value;
var email=document.getElementById("email").value.toLowerCase();
var emailRegex=/^[a-zA-Z\_][\w\-\.\+]+\@[a-zA-Z0-9\.\-]+\.[a-zA-z0-9]{2,4}$/;
var nameRegex=/^[a-zA-Z]+$/;
   if(!(f_name.match(nameRegex)))
{
alert("First name can contains only alphabets");
document.getElementById('f_name').focus();
return false;
}
if(!(l_name.match(nameRegex)))
{
alert("last name can contain only alphabets");
document.getElementById('l_name').focus();
return false;
}

//email format should match with the emailRegex
if(!email.match(emailRegex))
{
alert("invalid email address");
document.getElementById('email').focus();
return false;
}
return true;
   }

Sign In

Blank password should not be updated

Recommended Posts

piyusharora420

Link to comment

Share on other sites

l0gic

Link to comment

Share on other sites

piyusharora420

Link to comment

Share on other sites

piyusharora420

Link to comment

Share on other sites

l0gic

Link to comment

Share on other sites

piyusharora420

Link to comment

Share on other sites

piyusharora420

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information