DataTables
Advanced interaction
features for your tables.
Editor
Comprehensive editing
library for DataTables.
Manual
Download
Show site navigation

Standalone edit mode form for changing account password

Standalone edit mode form for changing account password

toni.petrovictoni.petrovic Posts: 8Questions: 4Answers: 0
edited January 6 in Free community support

Hi,

I am using Datatables Editor with PHP 2.2.2.

I would like to make a standalone form that would be triggered by user to show form for changing old password for the new one.

The js script is:

    var change_password_editor = new DataTable.Editor({
        ajax: "Ajax/ChangePassword.php", idSrc: "id", fields: 
            [
                {label: "ID", name: "id", type: "hidden"}, 
                {label: "Old Password", name: "old_password", type: "password"}, 
                {label: "New Password", name: "new_password", type: "password"}, 
                {label: "Confirm New Password", name: "confirm_new_password", type: "password"}
            ]
    });

function openChangePasswordForm() {
        // Open the Editor in 'create' mode but use it for editing the password
        change_password_editor.create({
            title: 'Change Password', buttons: 'Change'
        });

        // Manually set the ID of the user whose password is being changed
        change_password_editor.set('id', user.id);

        // Show only the password fields
        change_password_editor.show(['old_password', 'new_password', 'confirm_new_password']);
    }

In this way the action create is triggered, but if I change to edit, than the datatable should be lined to, but I do not have any, since it is a standalone form.

In the PHP side I would like to check if the old password is the same with the connection to the user id. If it is, then I would update the password field with new_password.

The perfect code would be like this (but it is not working - I guess the setFormatter does not support the field and use $db).

Editor::inst($db, 'users', 'id')
    ->fields(
        Field::inst('old_password')->set(false), // Prevents saving to DB
        Field::inst('new_password')->set(false),
        Field::inst('confirm_new_password')->set(false),
        Field::inst('password')->setFormatter(function ($val, $data, $field) use ($db) {
            // Access the data using the correct format
            $formData = $data['data'][0];

            if (isset($formData['old_password']) && isset($formData['new_password'])) {
                error_log(print_r($formData, true));
                $userId = $formData['id'];

                // Fetch the current password from the database
                $currentPassword = $db->sql('select password from users where id = ?', [$userId])->fetch();

                // Check if the old password matches
                if (md5($formData['old_password']) === $currentPassword['password']) {
                    // If it matches, hash and return the new password
                    return md5($formData['new_password']);
                } else {
                    // If it doesn't match, return an error
                    $field->setError('Old password is incorrect.');
                    return null;
                }
            }
            // If the old or new password isn't set, do nothing
            return null;
        })
    )
    ->process($_POST)
    ->json();

Could you be so kind and advise?

Regards,
Toni

This question has an accepted answers - jump to answer

Answers

  • allanallan Posts: 63,445Questions: 1Answers: 10,465 Site admin
    Answer ✓

    Hi Toni,

    The Editor PHP libraries are designed to be used with row editing, which this isn't. What I think you'll need to do is make use of the data being sent to you by Editor from the client-side and build some PHP / SQL statements that will process the data as needed, rather than attempting to use our Editor PHP libraries.

    The format of the data being submitted to the server-side is documented here and it is quite easy to use in PHP.

    One important point, which is not Editor related - don't use md5 for password hashing (see the PHP docs on this). Use crypt instead.

    Allan

  • toni.petrovictoni.petrovic Posts: 8Questions: 4Answers: 0

    Dear Allan,

    thank you for prompt answer. I will do it in my part of the API.

    Regarding for the md5 - this is a part of the old code and yes, I will do the transition to the BCRYPT algorithm. Thank you for highlighting this :).

    I will soon have another complicated table with CRUD functionality and two sub tables. Is that doable with PHP API?

    Kind regards,
    Toni

  • allanallan Posts: 63,445Questions: 1Answers: 10,465 Site admin

    Hi Toni,

    By two sub-tables, do you mean something like this nesting Editor example, or do you mean something more like a left join to two tables?

    Allan

  • toni.petrovictoni.petrovic Posts: 8Questions: 4Answers: 0

    Hi Allan,

    I would have a group item with specific data, than a sub items that would be from another table and then sub-sub items that would be connected via link table to another one :). I guess your nesting Editor would work for the last relation.

    The structure:

    Group 1 (fields: title, description, ...):
    - Mission1 (fields: title, description, location, ...)
    - Team 1
    - Team 2
    - Mission 2 (fields: title, description, location, ...)
    - Team 2
    Group 2 (fields: title, description, ...):
    - Mission XX (fields: title, description, location, ...)
    - Team XX

    The Group section and Mission could be handled with Child tables, but do not have an idea how to handle the team tables.

    Hope I made it clear enough :).

    Regards,
    Toni

Sign In or Register to comment.

DataTables

DataTables designed and created by SpryMedia Ltd.
© 2007-2023 MIT licensed. Privacy policy. Supporters.
SpryMedia Ltd is registered in Scotland, company no. SC456502.