Solved

How do I do MySQLi table maintenance for things like email addresses and passwords?

Posted on 2016-10-23
5
76 Views
Last Modified: 2016-11-01
I had this question after viewing CSRF session variables.
0
Comment
Question by:Black Sulfur
  • 3
  • 2
5 Comments
 
LVL 109

Accepted Solution

by:
Ray Paseur earned 500 total points
ID: 41856053
Here's the standard SSCCE teaching example for SQL table maintenance.  Please read it over and try some of the examples, then post back if you still have questions!
https://www.experts-exchange.com/articles/12335/PHP-and-MySQLi-Table-Maintenance.html

TL;DR -- preload your form input control values with the existing database values.  When the request comes back, update the database values.  Easy!

Passwords are a bit more involved.  Get the basic table maintenance part started first, then go over to this article about modern ways of handling passwords.
https://www.experts-exchange.com/articles/28768/Password-Hashing-in-PHP.html
0
 

Author Comment

by:Black Sulfur
ID: 41856072
Thanks, Ray.

I know I might be jumping the gun as I haven't read your whole article but it looks like it is just showing how to edit first name and last name? That would be considerably easier than trying to edit the email address and password because obviously you have to check that the email address is not already in use by another user and that the old password you input it in fact correct before you are allowed to enter a new password.
0
 
LVL 109

Expert Comment

by:Ray Paseur
ID: 41856080
Yeah, go ahead and read the article.  You have a lot of layers in this question, and that's why we have the articles here at E-E, because what seems conceptually simple in a question cannot be adequately answered without understanding the layers.

You can ensure that a column is UNIQUE in MySQL by adding the UNIQUE constraint to the table definition.  Any attempt to insert duplicate values into a UNIQUE column will trigger error #1062.  You can trap this and recognize it, for example, to be an email address that is already in use.

The password requires a multi-step process (but the form processing is still very simple).  First, you must look up the user (perhaps by email address) then you must pull out the current password hash from that row of the database.  Use the "old password" with password_verify() to check the hash.  If these match, hash the new password with password_hash() and store it back into that row of the database.
0
 

Author Comment

by:Black Sulfur
ID: 41856089
Thanks for the tip on marking the column as unique in mySql itself, I just did that now but I have  a check with PHP as well.

I am able to create the code to update the password as you mentioned with the password_verify and password_hash. I can also perform the email update but my problem was trying to have the email and password update in one form because perhaps the person didn't want to update their email address and only their password or vice versa. And like I mentioned, I didn't want them to just be able to change the password, there was a field for the old password to be inputted.

Anyway, let me read the full article and take it from there.

Thanks!
1
 

Author Comment

by:Black Sulfur
ID: 41868463
Sorry, forgot to close this out!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
how to call a remote wordpress to use his  content in a loop 3 35
Help with PHP 13 27
jQuery Toggle & Anchor Links 5 43
JQuery Search Filter 2 39
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
Creating and Managing Databases with phpMyAdmin in cPanel.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question