How to update a column only when there is value

How to update a column only when there is value

INTONEINTONE Posts: 153Questions: 58Answers: 6
edited October 2014 in Editor

Hi,

I am trying to update a column using a custom logic but it does not seem to work as expected.

               $data = Editor::inst( $db, 'users','user_id' ) ->fields(

                Field::inst( 'users.create_reset_password' ),
                Field::inst( 'users.salt' ),
                    Field::inst( 'users.hash' )

            );

        if(isset($_POST['action']) && ($_POST['action'] === 'create' || $_POST['action'] === 'edit')){

            //check if we should create a password
            if($_POST['data']['users']['create_reset_password'] == 'YES'){

                $salt     =  generateRandomString();
                $password = substr(generateRandomString(),0,8);

                $a = array('cost' => 12, 'salt' => $salt);
                $hash = password_hash($password, PASSWORD_BCRYPT, $a);

                $_POST['data']['users']['salt'] = $salt;
                $_POST['data']['users']['hash'] = $hash;
                $_POST['data']['users']['create_reset_password'] = '';

            } 

        }

        $out = $data->process($_POST)->data();

         //do more stuff if there is no edit or create action below
             if(!isset($_POST['action']) {
                   //blaw blaw
            }

          //final output
         echo json_encode( $out );

The problem I am having is that salt and hash is been updated with NULL even when

            $_POST['data']['users']['create_reset_password'] 

is set to NO, thus deleting user credentials. Is there away to have salt and hash only update when

             $_POST['data']['users']['create_reset_password'] 

is set to yes?

This question has an accepted answers - jump to answer

Answers

  • allanallan Posts: 63,523Questions: 1Answers: 10,473 Site admin

    Are you submitting information for the salt and hash parameters? Editor should only write to fields it has data for.

    Allan

  • INTONEINTONE Posts: 153Questions: 58Answers: 6
    edited October 2014

    Yes. I want to update the salt and hash only

         if($_POST['data']['users']['create_reset_password'] == 'YES'){}
    

    otherwise that block of code should not run and the salt and hash should not update to NULL but remain as is in the database. There is no hidden salt and client elements in the editor form, only a create_reset_password field. So if create_reset_password is set to NO how is this

          if($_POST['data']['users']['create_reset_password'] == 'YES'){}
    

    block of code executed.

    Could the

          $_POST['data']['users']['salt'] and $_POST['data']['users']['hash']
    

    be updated outside of this:

          if($_POST['data']['users']['create_reset_password'] == 'YES'){}
    
  • allanallan Posts: 63,523Questions: 1Answers: 10,473 Site admin

    So $_POST['data']['users']['salt'] only has a value if the create reset password variable is YES? But if that isn't the case, then Editor is nulling the data?

    That shouldn't be happening. If they have no value, then they shouldn't be getting set at all.

    Could you confirm you are using the Editor 1.3.3 libraries? Also, could you show me the full PHP code.

    Allan

  • INTONEINTONE Posts: 153Questions: 58Answers: 6
    edited November 2014

    $_POST['data']['users']['salt'] and $_POST['data']['users']['hash'] can have one of three values. They could be set to actual salt and hash random values or set to NULL both from the database. Otherwise from that they can be set

         if($_POST['data']['users']['create_reset_password'] == 'YES'){}
    

    Anyways here is the complete code set:

            // Build our Editor instance and process the data coming from _POST
            $data = Editor::inst( $db, 'users','user_id' ) ->fields(
    
                    Field::inst( 'users.email' )->validator( 'Validate::email_required' ),
                    Field::inst( 'users.first_name' )->validator( 'Validate::required' ),
                    Field::inst( 'users.last_name' )->validator( 'Validate::required' ),
                    Field::inst( 'users.contact_number_1' ),
                    Field::inst( 'users.contact_number_2' ),
                    Field::inst( 'users.active' ),
                    Field::inst( 'users.company_branches_id' )->validator( 'Validate::required' ),
                    Field::inst( 'users.company_id' ),
                    Field::inst( 'company_branches.company_name' ),
                    Field::inst( 'users.date_time_created' )->validator( 'Validate::notEmpty' ),
                    Field::inst( 'users.created_by_user_id' ),
                    Field::inst( 'users.last_updated_by_user_id'),
                    Field::inst( 'users.date_time_last_updated' ),
                    Field::inst( 'users.create_reset_password' ),
                    Field::inst( 'users.salt' ),
                    Field::inst( 'users.hash' )
    
    
    
                )->leftJoin( 'company_branches', 'company_branches.company_branches_id', '=', 'users.company_branches_id',array( 'company_id'=>$session->getVar('company_id')) )
                 ->where( $key = 'users.company_id', $value = $session->getVar('company_id'), $op = '=' );
    
                 //check if we are in create or edit state  
                if(isset($_POST['action']) && ($_POST['action'] === 'create' || $_POST['action'] === 'edit')){
    
                //check if we should create a password
                if($_POST['data']['users']['create_reset_password'] == 'YES'){
    
                    $salt     =  generateRandomString();
                    $password = substr(generateRandomString(),0,8);
    
                    $a = array('cost' => 12, 'salt' => $salt);
                    $hash = password_hash($password, PASSWORD_BCRYPT, $a);
    
                    $_POST['data']['users']['salt'] = $salt;
                    $_POST['data']['users']['hash'] = $hash;
                    $_POST['data']['users']['create_reset_password'] = '';
    
    
    
                  //send email
                   sendEmailResetPass( $_POST['data']['users']['email'], $_POST['data']['users']['first_name']. " ".  $_POST['data']['users']['last_name'],$password,$_POST['action']);
    
                } 
    
            }
    
    
    
                 $out = $data->process($_POST)->data();
    
    
    
               if ( ! isset($_POST['action']) ) {
    
               $out['company_branches'] = $db->selectDistinct( 'company_branches', 'company_branches_id as value, company_name as label',array( 'company_id'=>$session->getVar('company_id')) )
               ->fetchAll();
    
            }
    
    
          echo json_encode( $out );
    
  • INTONEINTONE Posts: 153Questions: 58Answers: 6

    Any luck in looking into this anyone?

  • allanallan Posts: 63,523Questions: 1Answers: 10,473 Site admin
    Answer ✓

    Sorry - delayed in looking into it!

    $_POST['data']['users']['salt'] and $_POST['data']['users']['hash'] can have one of three values.

    Can they not be set at all? null is a value (or rather the absence of a set value, which is not the same as not being set in PHP).

    For example - what do you get if you do: print_r( $_POST ); immediately before the process() call? You'll get a JSON error of course, but what is in the returned data?

    Allan

This discussion has been closed.