Setting encrypted passwords for clients

This topic is locked

Setting encrypted passwords for clients	7/20/2006 2:34:00 AM
PHPRunner General questions
G giles author Hi, Our team has a number of consultants, each of whom operates as basically an independent business with his/her own clients. With PHPRunner I have created two projects providing access to the one data base. The first project has the web pages that the consultants use to long-in and manage their work. The second project has the web pages used by the clients. The clients have to log in with encrpyted passwords. All is working very well however I do not want to have to administer the inevitable lost passwords by clients. I want the consultants to be able to do this. The consultants have edit access to the client records containing the client loginname field and the password field so they can change them. I need the password they enter to be MD5 encrypted. Any ideas on how to do this?

Mark as Solved Mark as not solved

6 replies


J	Jane 7/20/2006
	Hi, you can do it using events. Here is a sample code for the Before record updated event: function BeforeEdit(&$values, $where) { $values["Password"] = "md5(".$values["Password"].")"; return true; } where Password is your actual field name. But this code will work for MySQL only.


G	giles author 7/20/2006
	Hi Jane, Thanks for the quick response. The code snippet has a problem - it encrypts whatever is in the password field even if it already aan existing password. Is there a way to get the code to not do the encryption if the edits to a client record do not change the password? Thanks in advance. Giles


J	Jane 7/21/2006
	Giles, you need to check did user change password or not. Try to use following code for your event: function BeforeEdit(&$values, $where) { global $conn; $str = "select * from TableName where ".$where; $rs = db_query($str,$conn); $data = db_fetch_array($rs); echo $data["Password"]; echo $values["Password"]; if (strcmp("'".$data["Password"]."'",$values["Password"])!=0) { $values["Password"]="md5(".$values["Password"].")"; } return true; } where TableName is your actual table name.


G	giles author 7/21/2006
	Hi Jane, Once again, thanks for the fast response. The new code snippet produces an error on the save although it does determine if the password has changed and it also saves a new password in its encrypted form in to the client record. The error details are: PHP Error Happening Error type: 2 Error description: Cannot modify header information - headers already sent by (output started at C:\BC\oss\httpd\htdocs\CoachCnr\include\Clients_events.php:14) URL: www..com.au/Coachcnr/Clients_edit.php? Error file: C:\BC\oss\httpd\htdocs\CoachCnr\include\Clients_events.php Error line: 31 SQL query: update `contacts` set `CompanyName`= etc,etc... Here's the Clients_events.php file as well. (I put the echo $where statement in just to see if the condition was being processed correctly (and it is...) <?php function BeforeEdit(&$values, $where) { // Parameters: // $values - Array object. // Each field on the Edit form represented as 'Field name'-'Field value' pair // $where - string with WHERE clause pointing to record to be edited // Custom code ****** // put your custom code here global $conn; $str = "select * from contacts where ".$where; $rs = db_query($str,$conn); $data = db_fetch_array($rs); echo $data["fd_Password"]; echo $values["fd_Password"]; if (strcmp("'".$data["fd_Password"]."'",$values["fd_Password"])!=0) { $values["fd_Password"]="md5(".$values["fd_Password"].")"; echo $where; } return true; // return true if you like to proceed with editing this record // return false in other case } function AfterEdit() { // Redirect to another page ****** header("Location: Clients_List.php"); exit(); } ?> Without the code everything else has been working fine. Any ideas on why this error is occuring? Giles.


	Sergey Kornilov admin 7/22/2006
	You need to remove echo $data["fd_Password"]; echo $values["fd_Password"]; statements because redirect in AfterEdit event won't work if you sent something to output.


G	giles author 7/22/2006
	Hi Sergey, Thanks, that now works perfectly. <img src='https://asprunner.com/forums/file.php?topicimage=1&fieldname=reply&id=9956&image=1&table=forumreplies' class='bbc_emoticon' alt=':D' /> Giles

6 replies

Mark as Solved Reply