Query re: adding mysql function on after insert / update

Excellent utility for database editing!

Not an issue - just need some help with the following:

I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)

After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?

Hope you can help Many thanks

Here's a couple ideas, it's untested code. I should add more demo examples to the project.

FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().

// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';

function on_insert(){

$_POST['password'] = password_hash($_POST['password'],

PASSWORD_DEFAULT);

}

function on_update(){

$password = $_POST['password'] ?? '';

// no password then remove the key from the post so we don't blank out

the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }

// validate
if(strlen($password) < 2)
    return 'Password too short';

// alter the global $_POST array
$_POST['password'] = password_hash($_POST['password'],

PASSWORD_DEFAULT);

}

// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';

function after_insert($id){

global $lm;
$sql = "update table set password = my_hash(:password) where id = :id";
$lm->query($sql, array(':password' => $password, ':id' => $id));

}

function after_update(){

global $lm;
$id = $_POST['id'];
$password = $_POST['password'] ?? '';

// quit if there was no password posted, btw, we can't return

validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;

$sql = "update table set password = my_hash(:password) where id = :id";
$lm->query($sql, array(':password' => $password, ':id' => $id));

}

On Tue, Sep 12, 2023 at 6:26 AM DEHWall @.***> wrote:

Excellent utility for database editing!

Not an issue - just need some help with the following:

I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)

After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?

Hope you can help Many thanks

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you are subscribed to this thread.Message ID: @.***>

Hi Ian,

Many thanks for the prompt reply.

I have taken your advice on using password_hash / password_verify – using option 1 and modifying my login script and it worked perfectly.

Many thanks again.

Ps – is there anyway that I can make use of the text-transform on input text fields?

text-transform: uppercase;

text-transform: lowercase;

text-transform: capitalize;

Best Regards

Dave

From: Ian @.> Sent: Tuesday, September 12, 2023 7:25 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)

Here's a couple ideas, it's untested code. I should add more demo examples to the project.

FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().

// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';

function on_insert(){

$_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);

}

function on_update(){

$password = $_POST['password'] ?? '';

// no password then remove the key from the post so we don't blank out the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }

// validate if(strlen($password) < 2) return 'Password too short';

// alter the global $_POST array $_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);

}

// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';

function after_insert($id){

global $lm; $sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));

}

function after_update(){

global $lm; $id = $_POST['id']; $password = $_POST['password'] ?? '';

// quit if there was no password posted, btw, we can't return validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;

$sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));

}

On Tue, Sep 12, 2023 at 6:26 AM DEHWall @. <mailto:@.> > wrote:

Excellent utility for database editing!

Not an issue - just need some help with the following:

I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)

After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?

Hope you can help Many thanks

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you are subscribed to this thread.Message ID: @. <mailto:@.> >

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1716218379 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AEBMK3NFSXCYGWZJOOMIMSTX2CSJPANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you authored the thread. https://github.com/notifications/beacon/AEBMK3LXLF4JLTZAEJG5VF3X2CSJPA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGJNVAW.gif Message ID: @. @.> >

Ps – is there anyway that I can make use of the text-transform on input text fields?

Yes, you can apply any css you would like.

Example: #lm input[type=text] { text-transform: uppercase; }

On Wed, Sep 13, 2023 at 2:04 AM DEHWall @.***> wrote:

Hi Ian,

Many thanks for the prompt reply.

I have taken your advice on using password_hash / password_verify – using option 1 and modifying my login script and it worked perfectly.

Many thanks again.

Ps – is there anyway that I can make use of the text-transform on input text fields?

text-transform: uppercase;

text-transform: lowercase;

text-transform: capitalize;

Best Regards

Dave

From: Ian @.> Sent: Tuesday, September 12, 2023 7:25 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)

Here's a couple ideas, it's untested code. I should add more demo examples to the project.

FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().

// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';

function on_insert(){

$_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);

}

function on_update(){

$password = $_POST['password'] ?? '';

// no password then remove the key from the post so we don't blank out the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }

// validate if(strlen($password) < 2) return 'Password too short';

// alter the global $_POST array $_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);

}

// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';

function after_insert($id){

global $lm; $sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));

}

function after_update(){

global $lm; $id = $_POST['id']; $password = $_POST['password'] ?? '';

// quit if there was no password posted, btw, we can't return validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;

$sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));

}

On Tue, Sep 12, 2023 at 6:26 AM DEHWall @. <mailto:@.>

wrote:

Excellent utility for database editing!

Not an issue - just need some help with the following:

I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)

After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?

Hope you can help Many thanks

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe < https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4>

. You are receiving this because you are subscribed to this thread.Message ID: @. <mailto:@.> >

— Reply to this email directly, view it on GitHub < https://github.com/lazymofo/datagrid/issues/93#issuecomment-1716218379> , or unsubscribe < https://github.com/notifications/unsubscribe-auth/AEBMK3NFSXCYGWZJOOMIMSTX2CSJPANCNFSM6AAAAAA4U3OSE4> . You are receiving this because you authored the thread. < https://github.com/notifications/beacon/AEBMK3LXLF4JLTZAEJG5VF3X2CSJPA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGJNVAW.gif> Message ID: @. @.> >

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1717236851, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WHQBGL6PSHNLXBXPUTX2FZLNANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you commented.Message ID: @.***>

Thanks Ian

Will give that a go

Regards Dave

Regards David

From: Ian @.> Sent: Wednesday, September 13, 2023 5:05:58 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)

Ps – is there anyway that I can make use of the text-transform on input text fields?

Yes, you can apply any css you would like.

Example: #lm input[type=text] { text-transform: uppercase; }

On Wed, Sep 13, 2023 at 2:04 AM DEHWall @.***> wrote:

Hi Ian,

Many thanks for the prompt reply.

I have taken your advice on using password_hash / password_verify – using option 1 and modifying my login script and it worked perfectly.

Many thanks again.

Ps – is there anyway that I can make use of the text-transform on input text fields?

text-transform: uppercase;

text-transform: lowercase;

text-transform: capitalize;

Best Regards

Dave

From: Ian @.> Sent: Tuesday, September 12, 2023 7:25 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)

Here's a couple ideas, it's untested code. I should add more demo examples to the project.

FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().

// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';

function on_insert(){

$_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);

}

function on_update(){

$password = $_POST['password'] ?? '';

// no password then remove the key from the post so we don't blank out the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }

// validate if(strlen($password) < 2) return 'Password too short';

// alter the global $_POST array $_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);

}

// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';

function after_insert($id){

global $lm; $sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));

}

function after_update(){

global $lm; $id = $_POST['id']; $password = $_POST['password'] ?? '';

// quit if there was no password posted, btw, we can't return validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;

$sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));

}

On Tue, Sep 12, 2023 at 6:26 AM DEHWall @. <mailto:@.>

wrote:

Excellent utility for database editing!

Not an issue - just need some help with the following:

I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)

After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?

Hope you can help Many thanks

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe < https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4>

. You are receiving this because you are subscribed to this thread.Message ID: @. <mailto:@.> >

— Reply to this email directly, view it on GitHub < https://github.com/lazymofo/datagrid/issues/93#issuecomment-1716218379> , or unsubscribe < https://github.com/notifications/unsubscribe-auth/AEBMK3NFSXCYGWZJOOMIMSTX2CSJPANCNFSM6AAAAAA4U3OSE4> . You are receiving this because you authored the thread. < https://github.com/notifications/beacon/AEBMK3LXLF4JLTZAEJG5VF3X2CSJPA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGJNVAW.gif> Message ID: @. @.> >

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1717236851, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WHQBGL6PSHNLXBXPUTX2FZLNANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you commented.Message ID: @.***>

Hi Ian,

I needed it for specific fields, so the following worked:

Set up new input control –upper

$lm->form_input_control[‘fieldname’] = '--upper';

And added to lazy_mofo.php line 1625:

    elseif ($cmd == 'upper')

        return "<input style='text-transform:uppercase;' type='text' name='$column_name' class='$class' value='" . $this->clean_out($value) . "' size='$size' $max_length placeholder='$validate_placeholder'>$validate_error $validate_placeholder_alternative";

Many thanks

Dave

From: Ian @.> Sent: Wednesday, September 13, 2023 5:06 PM To: lazymofo/datagrid @.> Cc: DEHWall @.>; Author @.> Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)

Ps – is there anyway that I can make use of the text-transform on input text fields?

Yes, you can apply any css you would like.

Example: #lm input[type=text] { text-transform: uppercase; }

On Wed, Sep 13, 2023 at 2:04 AM DEHWall @. <mailto:@.> > wrote:

Hi Ian,

Many thanks for the prompt reply.

I have taken your advice on using password_hash / password_verify – using option 1 and modifying my login script and it worked perfectly.

Many thanks again.

Ps – is there anyway that I can make use of the text-transform on input text fields?

text-transform: uppercase;

text-transform: lowercase;

text-transform: capitalize;

Best Regards

Dave

From: Ian @. <mailto:@.> > Sent: Tuesday, September 12, 2023 7:25 PM To: lazymofo/datagrid @. <mailto:@.> > Cc: DEHWall @. <mailto:@.> >; Author @. <mailto:@.> > Subject: Re: [lazymofo/datagrid] Query re: adding mysql function on after insert / update (Issue #93)

Here's a couple ideas, it's untested code. I should add more demo examples to the project.

FYI, you're not supposed to encrypt passwords, you should hash them instead. I'd recommend php's password_hash().

// option 1 - alter info before it's added to the database $lm->on_insert_user_function = 'on_insert'; $lm->on_update_user_function = 'on_update';

function on_insert(){

$_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);

}

function on_update(){

$password = $_POST['password'] ?? '';

// no password then remove the key from the post so we don't blank out the existing entry if(strlen($password) == 0){ unset($_POST['password']); return; }

// validate if(strlen($password) < 2) return 'Password too short';

// alter the global $_POST array $_POST['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);

}

// option 2 - alter data AFTER it's been added to the database $lm->after_insert_user_function = 'after_insert'; $lm->after_update_user_function = 'after_update';

function after_insert($id){

global $lm; $sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));

}

function after_update(){

global $lm; $id = $_POST['id']; $password = $_POST['password'] ?? '';

// quit if there was no password posted, btw, we can't return validation errors in after_ hooks, the data has already been saved into the database if(strlen($password) <= 0) return;

$sql = "update table set password = my_hash(:password) where id = :id"; $lm->query($sql, array(':password' => $password, ':id' => $id));

}

On Tue, Sep 12, 2023 at 6:26 AM DEHWall @. <mailto:@.> mailto:***@***.***

wrote:

Excellent utility for database editing!

Not an issue - just need some help with the following:

I need the ability to change the password field which is encrypted with AES_ENCRYPT() e.g. select Userid, Name, AES_DECRYPT(password,'key value') password.... from users (etc.)

After an update to the 'password' field - how would I invoke AES_ENCRYPT('new password value', 'key value') in the MySQL update?

Hope you can help Many thanks

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93, or unsubscribe < https://github.com/notifications/unsubscribe-auth/ABRM2WFU5JD7CUCMRQ2GQ2DX2BPHDANCNFSM6AAAAAA4U3OSE4>

. You are receiving this because you are subscribed to this thread.Message ID: @. <mailto:@.> mailto:***@***.*** >

— Reply to this email directly, view it on GitHub < https://github.com/lazymofo/datagrid/issues/93#issuecomment-1716218379> , or unsubscribe < https://github.com/notifications/unsubscribe-auth/AEBMK3NFSXCYGWZJOOMIMSTX2CSJPANCNFSM6AAAAAA4U3OSE4> . You are receiving this because you authored the thread. < https://github.com/notifications/beacon/AEBMK3LXLF4JLTZAEJG5VF3X2CSJPA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGJNVAW.gif> Message ID: @. <mailto:@.> @. <mailto:@.> > >

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1717236851, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABRM2WHQBGL6PSHNLXBXPUTX2FZLNANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you commented.Message ID: @. <mailto:@.> >

— Reply to this email directly, view it on GitHub https://github.com/lazymofo/datagrid/issues/93#issuecomment-1717920285 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AEBMK3MBTBNLV2YVABRIX5LX2HKWNANCNFSM6AAAAAA4U3OSE4 . You are receiving this because you authored the thread. https://github.com/notifications/beacon/AEBMK3LTDVKHXKMAKBJ6WZTX2HKWNA5CNFSM6AAAAAA4U3OSE6WGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTTGMVRB2.gif Message ID: @. @.> >

lazymofo / datagrid

Query re: adding mysql function on after insert / update #93