Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

› WebAssist Forums › Data Bridge › SecurityAssist › Update page with DA and SHA1 password if password field empty leave old pass

Update page with DA and SHA1 password if password field empty leave old pass

Thread began 1/30/2011 11:18 am by Miguel | Last modified 7/13/2011 9:11 am by Jason Byrnes | 3034 views | 4 replies |

1/30/2011 11:18 am | #1 Miguel

Update page with DA and SHA1 password if password field empty leave old pass

Hello Comunity, some of the things i miss about addt was how easy it was to update users password in an admin enviroment, right now im trying to save a bit of space and less clicks by making the less pages posible, i came into a problem, i used the wizard of data assist to create the admin section to manage users registered to a site, then applied css form builder to insert and update page, now i always use password encryption in this case i have the sha1 setup nice but on the update page created by data assist, how can i update a user if i dont add anything to the password field to avoid it inserting a null value, on other sites i just make the same but leave pssword field out of the dataassist manager and then create a page just for updating the password.

Is there any way to have the old encrypted password inside a hidden field and tell the update behavoir if the "password field is empty" then insert the "hidden field without applying encryption" cause its already encrypted and if not add the password field, i have tried this:

<?php echo (isset($_POST["pass"])?WA_SHA1Encryption($_POST["pass"]):"".$_POST["oldp"].""); ?>

no luck on this yet, how can i acomplish this it would be nice to avoid to make the update profile and admins part without excluding the password and having to do another page just to update the password field?

1/31/2011 7:01 am | #2 Jason ByrnesWebAssist

you're just one step off on this, change:

php:

<?php echo (isset($_POST["pass"])?WA_SHA1Encryption($_POST["pass"]):"".$_POST["oldp"].""); ?>

to;

php:

<?php echo ((isset($_POST["pass"]) && $_POST["pass"] != "")?WA_SHA1Encryption($_POST["pass"]):"".$_POST["oldp"].""); ?>

2/01/2011 12:23 pm | #3 Miguel

Thank you jason didnt try that i just added 2 more single updates and then made a trigger specially for them :) lol i will try that on my next site :)

7/11/2011 6:09 pm | #4 dan361748

This is exactly what I want to do - can you guys expand a little more?

Where are you putting this?

<?php echo (isset($_POST["pass"])?WA_SHA1Encryption($_POST["pass"]):"".$_POST["oldp"].""); ?>

and what/where is the validation on?

7/13/2011 9:11 am | #5 Jason ByrnesWebAssist

This code is used in the Data Assist update record behavior, it is the value used for the password column

validation can be added to your forms using the Form Toolkit extension.

10/14/2012 1:55 pm | #6 Miguel

Commenting back to this thread, Jason i little question, it has worked very good for me but i been consern about security on the websites do you think if i instead have the old password in a hidden field can i call it directly from the database for example

Jasons code

php:

<?php echo ((isset($_POST["pass"]) && $_POST["pass"] != "")?WA_SHA1Encryption($_POST["pass"]):"".$_POST["oldp"].""); ?>

Question code

php:

<?php echo ((isset($_POST["pass"]) && $_POST["pass"] != "")?WA_SHA1Encryption($_POST["pass"]):"".$recordset["xypassword"].""); ?>

im gonna give it a try tonight if it works ill post back

Yes it works!!!

10/15/2012 9:56 am | #7 Jason ByrnesWebAssist

YEs, using the recordset column will also work.

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now. Build a store, a gallery, or a web-based email solution.