fdisotto / SlimBlog

Simple Blog written with Slim Framework
GNU General Public License v3.0

Error : Password field (User edit) #20

Closed ogacitua closed 10 years ago

ogacitua commented 10 years ago

There is an error that occurs when the user edits their information but does not change the password, the value of the password is changed to an empty

Line 212 in /src/routes/admin.route.php

 $password = hash('sha512', $app->request->post('password'));

Then

$password = hash('sha512', "");

The solution is to check if the field is empty

    $app->post('/users/edit/:id', $authenticate($app, $settings), function($id) use ($app, $settings) {
        $username   = $app->request->post('username');
        $pass       = $app->request->post('password');
        $password   = hash('sha512', $pass );
        $email  = $app->request->post('email');

        if($username == "") {
            $app->flash('error', 1);
            $app->redirect($settings->base_url . '/admin/users/new');
        }
        if($email == "" OR !filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $app->flash('error', 2);
            $app->redirect($settings->base_url . '/admin/users/new');
        }

        $redirect = $settings->base_url . '/admin/users';
        if (!$pass == "") {
            Users::where('id', '=', $id)->update(array('username' => $username, 'password' => $password, 'email' => $email));
        } else {
            Users::where('id', '=', $id)->update(array('username' => $username, 'email' => $email));
        }
        $app->render('success.html', array('redirect' => $redirect));
    })->conditions(array('id' => '\d+'));

What do you think?

fdisotto commented 10 years ago

It's a good solution; fork the project and send a pull request with your solution. Change this line

 if (!$pass == "") {

with this

if (!empty($pass)) {

:smile:

fdisotto commented 10 years ago

Good work :) Thank you
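
The fix discussed in this thread, together with a check for accounts the bug has already affected, as an added example that is not part of the original thread or SlimBlog's code. The field names and the `hash('sha512', ...)` call come from the issue; the helper names `buildUserUpdate` and `findBlankPasswordIds` and the sample rows are hypothetical.

```php
<?php
// Added example, not SlimBlog code. Helper names and sample rows are
// hypothetical; field names and the hashing call follow the issue.

// Build the column => value array for the update. The password column is
// included only when a new password was actually submitted, so an empty
// form field can never overwrite the stored hash.
function buildUserUpdate(string $username, string $email, ?string $pass): array
{
    $fields = array('username' => $username, 'email' => $email);
    if ($pass !== null && $pass !== '') {
        // Same hashing call as the route quoted in the issue.
        $fields['password'] = hash('sha512', $pass);
    }
    return $fields;
}

// Return the ids of rows whose stored hash equals hash('sha512', ''),
// i.e. accounts that were edited while the bug was present and now
// carry the hash of an empty password.
function findBlankPasswordIds(array $rows): array
{
    $blank = hash('sha512', '');
    $ids = array();
    foreach ($rows as $row) {
        if (hash_equals($blank, (string) $row['password'])) {
            $ids[] = $row['id'];
        }
    }
    return $ids;
}

// Constructed sample rows standing in for the users table.
$rows = array(
    array('id' => 1, 'password' => hash('sha512', 'correct horse')),
    array('id' => 2, 'password' => hash('sha512', '')), // edited with an empty field
);

// An empty password field leaves the password column out of the update.
var_dump(array_key_exists('password', buildUserUpdate('bob', 'bob@example.com', '')));
// A submitted password is hashed and included.
var_dump(array_key_exists('password', buildUserUpdate('bob', 'bob@example.com', 's3cret')));
// Ids of accounts whose password should be reset.
var_dump(findBlankPasswordIds($rows));
```

Unlike `!empty($pass)`, the strict comparison here also accepts the string `"0"` as a submitted password.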