Closed DEHWall closed 9 months ago
Here's a couple ideas, it's untested code. I should add more demo examples to the project.
FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().
// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';
function on_insert(){
$_POST['password'] = password_hash($_POST['password'],
PASSWORD_DEFAULT);
}
function on_update(){
$password = $_POST['password'] ?? '';
// no password then remove the key from the post so we don't blank out
the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }
// validate
if(strlen($password) < 2)
return 'Password too short';
// alter the global $_POST array
$_POST['password'] = password_hash($_POST['password'],
PASSWORD_DEFAULT);
}
// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';
function after_insert($id){
global $lm;
$sql = "update table set password = my_hash(:password) where id = :id";
$lm->query($sql, array(':password' => $password, ':id' => $id));
}
function after_update(){
global $lm;
$id = $_POST['id'];
$password = $_POST['password'] ?? '';
// quit if there was no password posted, btw, we can't return
validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;
$sql = "update table set password = my_hash(:password) where id = :id";
$lm->query($sql, array(':password' => $password, ':id' => $id));
}
On Tue, Sep 12, 2023 at 6:26 AM DEHWall @.***> wrote:
Excellent utility for database editing!
Not an issue - just need some help with the following:
I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)
After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?
Hope you can help Many thanks
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Hi Ian,
Many thanks for the prompt reply.
I have taken your advice on using password_hash / password_verify – using option 1 and modifying my login script and it worked perfectly.
Many thanks again.
Ps – is there anyway that I can make use of the text-transform on input text fields?
text-transform: uppercase;
text-transform: lowercase;
text-transform: capitalize;
Best Regards
Dave
From: Ian @.> Sent: Tuesday, September 12, 2023 7:25 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)
Here's a couple ideas, it's untested code. I should add more demo examples to the project.
FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().
// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';
function on_insert(){
$_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
function on_update(){
$password = $_POST['password'] ?? '';
// no password then remove the key from the post so we don't blank out the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }
// validate if(strlen($password) < 2) return 'Password too short';
// alter the global $_POST array $_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';
function after_insert($id){
global $lm; $sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));
}
function after_update(){
global $lm; $id = $_POST['id']; $password = $_POST['password'] ?? '';
// quit if there was no password posted, btw, we can't return validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;
$sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));
}
On Tue, Sep 12, 2023 at 6:26 AM DEHWall @. <mailto:@.> > wrote:
Excellent utility for database editing!
Not an issue - just need some help with the following:
I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)
After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?
Hope you can help Many thanks
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you are subscribed to this thread.Message ID: @. <mailto:@.> >
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1716218379 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AEBMK3NFSXCYGWZJOOMIMSTX2CSJPANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you authored the thread. https://github.com/notifications/beacon/AEBMK3LXLF4JLTZAEJG5VF3X2CSJPA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGJNVAW.gif Message ID: @. @.> >
Ps – is there anyway that I can make use of the text-transform on input text fields?
Yes, you can apply any css you would like.
Example: #lm input[type=text] { text-transform: uppercase; }
On Wed, Sep 13, 2023 at 2:04 AM DEHWall @.***> wrote:
Hi Ian,
Many thanks for the prompt reply.
I have taken your advice on using password_hash / password_verify – using option 1 and modifying my login script and it worked perfectly.
Many thanks again.
Ps – is there anyway that I can make use of the text-transform on input text fields?
text-transform: uppercase;
text-transform: lowercase;
text-transform: capitalize;
Best Regards
Dave
From: Ian @.> Sent: Tuesday, September 12, 2023 7:25 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)
Here's a couple ideas, it's untested code. I should add more demo examples to the project.
FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().
// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';
function on_insert(){
$_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
function on_update(){
$password = $_POST['password'] ?? '';
// no password then remove the key from the post so we don't blank out the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }
// validate if(strlen($password) < 2) return 'Password too short';
// alter the global $_POST array $_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';
function after_insert($id){
global $lm; $sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));
}
function after_update(){
global $lm; $id = $_POST['id']; $password = $_POST['password'] ?? '';
// quit if there was no password posted, btw, we can't return validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;
$sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));
}
On Tue, Sep 12, 2023 at 6:26 AM DEHWall @. <mailto:@.>
wrote:
Excellent utility for database editing!
Not an issue - just need some help with the following:
I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)
After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?
Hope you can help Many thanks
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe < https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4>
. You are receiving this because you are subscribed to this thread.Message ID: @. <mailto:@.> >
— Reply to this email directly, view it on GitHub < https://github.com/lazymofo/datagrid/issues/93#issuecomment-1716218379> , or unsubscribe < https://github.com/notifications/unsubscribe-auth/AEBMK3NFSXCYGWZJOOMIMSTX2CSJPANCNFSM6AAAAAA4U3OSE4> . You are receiving this because you authored the thread. < https://github.com/notifications/beacon/AEBMK3LXLF4JLTZAEJG5VF3X2CSJPA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGJNVAW.gif> Message ID: @. @.> >
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1717236851, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WHQBGL6PSHNLXBXPUTX2FZLNANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you commented.Message ID: @.***>
Thanks Ian
Will give that a go
Regards Dave
Regards David
From: Ian @.> Sent: Wednesday, September 13, 2023 5:05:58 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)
Ps – is there anyway that I can make use of the text-transform on input text fields?
Yes, you can apply any css you would like.
Example: #lm input[type=text] { text-transform: uppercase; }
On Wed, Sep 13, 2023 at 2:04 AM DEHWall @.***> wrote:
Hi Ian,
Many thanks for the prompt reply.
I have taken your advice on using password_hash / password_verify – using option 1 and modifying my login script and it worked perfectly.
Many thanks again.
Ps – is there anyway that I can make use of the text-transform on input text fields?
text-transform: uppercase;
text-transform: lowercase;
text-transform: capitalize;
Best Regards
Dave
From: Ian @.> Sent: Tuesday, September 12, 2023 7:25 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)
Here's a couple ideas, it's untested code. I should add more demo examples to the project.
FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().
// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';
function on_insert(){
$_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
function on_update(){
$password = $_POST['password'] ?? '';
// no password then remove the key from the post so we don't blank out the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }
// validate if(strlen($password) < 2) return 'Password too short';
// alter the global $_POST array $_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';
function after_insert($id){
global $lm; $sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));
}
function after_update(){
global $lm; $id = $_POST['id']; $password = $_POST['password'] ?? '';
// quit if there was no password posted, btw, we can't return validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;
$sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));
}
On Tue, Sep 12, 2023 at 6:26 AM DEHWall @. <mailto:@.>
wrote:
Excellent utility for database editing!
Not an issue - just need some help with the following:
I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)
After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?
Hope you can help Many thanks
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe < https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4>
. You are receiving this because you are subscribed to this thread.Message ID: @. <mailto:@.> >
— Reply to this email directly, view it on GitHub < https://github.com/lazymofo/datagrid/issues/93#issuecomment-1716218379> , or unsubscribe < https://github.com/notifications/unsubscribe-auth/AEBMK3NFSXCYGWZJOOMIMSTX2CSJPANCNFSM6AAAAAA4U3OSE4> . You are receiving this because you authored the thread. < https://github.com/notifications/beacon/AEBMK3LXLF4JLTZAEJG5VF3X2CSJPA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGJNVAW.gif> Message ID: @. @.> >
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1717236851, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WHQBGL6PSHNLXBXPUTX2FZLNANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you commented.Message ID: @.***>
— Reply to this email directly, view it on GitHubhttps://github.com/lazymofo/datagrid/issues/93#issuecomment-1717920285, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AEBMK3MBTBNLV2YVABRIX5LX2HKWNANCNFSM6AAAAAA4U3OSE4. You are receiving this because you authored the thread.Message ID: @.***>
Hi Ian,
I needed it for specific fields, so the following worked:
Set up new input control –upper
$lm->form_input_control[‘fieldname’] = '--upper';
And added to lazy_mofo.php line 1625:
elseif ($cmd == 'upper')
return "<input style='text-transform:uppercase;' type='text' name='$column_name' class='$class' value='" . $this->clean_out($value) . "' size='$size' $max_length placeholder='$validate_placeholder'>$validate_error $validate_placeholder_alternative";
Many thanks
Dave
From: Ian @.> Sent: Wednesday, September 13, 2023 5:06 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)
Ps – is there anyway that I can make use of the text-transform on input text fields?
Yes, you can apply any css you would like.
Example: #lm input[type=text] { text-transform: uppercase; }
On Wed, Sep 13, 2023 at 2:04 AM DEHWall @. <mailto:@.> > wrote:
Hi Ian,
Many thanks for the prompt reply.
I have taken your advice on using password_hash / password_verify – using option 1 and modifying my login script and it worked perfectly.
Many thanks again.
Ps – is there anyway that I can make use of the text-transform on input text fields?
text-transform: uppercase;
text-transform: lowercase;
text-transform: capitalize;
Best Regards
Dave
From: Ian @. <mailto:@.> > Sent: Tuesday, September 12, 2023 7:25 PM To: lazymofo/datagrid @. <mailto:@.> > Cc: DEHWall @. <mailto:@.> >; Author @. <mailto:@.> > Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)
Here's a couple ideas, it's untested code. I should add more demo examples to the project.
FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().
// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';
function on_insert(){
$_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
function on_update(){
$password = $_POST['password'] ?? '';
// no password then remove the key from the post so we don't blank out the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }
// validate if(strlen($password) < 2) return 'Password too short';
// alter the global $_POST array $_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
}
// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';
function after_insert($id){
global $lm; $sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));
}
function after_update(){
global $lm; $id = $_POST['id']; $password = $_POST['password'] ?? '';
// quit if there was no password posted, btw, we can't return validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;
$sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));
}
On Tue, Sep 12, 2023 at 6:26 AM DEHWall @. <mailto:@.> mailto:***@***.***
wrote:
Excellent utility for database editing!
Not an issue - just need some help with the following:
I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)
After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?
Hope you can help Many thanks
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe < https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4>
. You are receiving this because you are subscribed to this thread.Message ID: @. <mailto:@.> mailto:***@***.*** >
— Reply to this email directly, view it on GitHub < https://github.com/lazymofo/datagrid/issues/93#issuecomment-1716218379> , or unsubscribe < https://github.com/notifications/unsubscribe-auth/AEBMK3NFSXCYGWZJOOMIMSTX2CSJPANCNFSM6AAAAAA4U3OSE4> . You are receiving this because you authored the thread. < https://github.com/notifications/beacon/AEBMK3LXLF4JLTZAEJG5VF3X2CSJPA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGJNVAW.gif> Message ID: @. <mailto:@.> @. <mailto:@.> > >
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1717236851, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WHQBGL6PSHNLXBXPUTX2FZLNANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you commented.Message ID: @. <mailto:@.> >
— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1717920285 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AEBMK3MBTBNLV2YVABRIX5LX2HKWNANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you authored the thread. https://github.com/notifications/beacon/AEBMK3LTDVKHXKMAKBJ6WZTX2HKWNA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGMVRB2.gif Message ID: @. @.> >
Excellent utility for database editing!
Not an issue - just need some help with the following:
I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)
After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?
Hope you can help Many thanks