Xeven Posted March 8, 2008 Share Posted March 8, 2008 Is it possible to skip an empty form field when inserting or updating values in a mysql table? Example: A page where a user can change his/her details. However something such as a password field may not want to be changed, but the rest of the values do need to be changed. So when the form is submitted, the fields which have had data entered into them are updated on the table, but the field password is still left the same on the table and not inserted with a null value. Possible or wishful thinking? Thanks Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted March 8, 2008 Share Posted March 8, 2008 you don't have to update every field at once. just update the ones you need $sql = "UPDATE some_table SET some_field = '$some_value', some_other_field = '$some_other_value' WHERE id = '$some_id'"; Quote Link to comment Share on other sites More sharing options...
Xeven Posted March 8, 2008 Author Share Posted March 8, 2008 I also forgot to mention that if the password field does have anything entered into it then it would need to update the table. Would that be using an if statement of some sort perhaps? Quote Link to comment Share on other sites More sharing options...
AdamCox9 Posted March 8, 2008 Share Posted March 8, 2008 You may want to prefill the fields in the forms with the data that is already in the DB. That is usually how it is done for profiles & such. Quote Link to comment Share on other sites More sharing options...
Xeven Posted March 8, 2008 Author Share Posted March 8, 2008 You may want to prefill the fields in the forms with the data that is already in the DB. That is usually how it is done for profiles & such. Does that count even for a password field? I would have thought that still would have been left blank. Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted March 8, 2008 Share Posted March 8, 2008 yes, leave the password field blanked. only update it IF a new one has been entered. Quote Link to comment Share on other sites More sharing options...
AdamCox9 Posted March 8, 2008 Share Posted March 8, 2008 hmm... It should put the values in it and bleep them out also. I'm not sure. See what this displays: $password = "valuefromDB"; <input type="password" value="$password" name="password"> do a print_r($_RESULT); to see what value is there. Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted March 8, 2008 Share Posted March 8, 2008 you DO NOT want to fill in the password. Even though it's starred out, it's still visible in the HTML. this is just basic security. Quote Link to comment Share on other sites More sharing options...
AdamCox9 Posted March 8, 2008 Share Posted March 8, 2008 True. I didn't even think of that. I usually see that their is a field to enter old password and then new password and a field to verify new password. That is the standard I see on the popular sites. Quote Link to comment Share on other sites More sharing options...
Xeven Posted March 8, 2008 Author Share Posted March 8, 2008 yes, leave the password field blanked. only update it IF a new one has been entered. This is basically what I am trying to do. But I am not sure how I would go about doing this. Quote Link to comment Share on other sites More sharing options...
corbin Posted March 8, 2008 Share Posted March 8, 2008 Just check if the password part of the form meets the criteria for a password, and if it does, update it. Example: $password = (isset($_POST['password'])) ? trim($_POST['password']) : ''; if(!empty($password)) { //update password //note that this just checks if a password was entered.... no other checks are done x.x. } Quote Link to comment Share on other sites More sharing options...
peranha Posted March 8, 2008 Share Posted March 8, 2008 if ($password == "") { // create query $query = "UPDATE users SET firstname='$firstname', lastname='$lastname', address='$address', city='$city', state='$state', zip='$zip', Email='$Email', MSN='$MSN', Yahoo='$Yahoo', AOL='$AOL', Gmail='$Gmail', phone='$phone', private='$private' WHERE username = '$_SESSION[username]'"; // execute query $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); } else { // Create a salt to add. $salt = ($saltpass); // Create Hash of password and salt. $passwordHash = hash('SHA512', $password.$salt); // create query $query = "UPDATE users SET password='$passwordHash', firstname='$firstname', lastname='$lastname', address='$address', city='$city', state='$state', zip='$zip', Email='$Email', MSN='$MSN', Yahoo='$Yahoo', AOL='$AOL', Gmail='$Gmail', phone='$phone', private='$private' WHERE username = '$_SESSION[username]'"; // execute query $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); } That is what my user edit page looks like Quote Link to comment Share on other sites More sharing options...
Xeven Posted March 8, 2008 Author Share Posted March 8, 2008 You guys are amazing. It is now up and working. Thanks for all of you who helped out and gave idea's on what I could do. Peranha, your stuff gave me a lot of insight on how I should go about doing it, thanks for posting your code. Quote Link to comment Share on other sites More sharing options...
peranha Posted March 9, 2008 Share Posted March 9, 2008 yeah, there probably is a better way of doing it, but it works great. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.