I am using PHP 8.x and an admin control panel, what I want to achieve is if I want to edit user1 and “Password” and “Confirm Password” fields are empty “password” row in DB should not be changed.
Bellow is the current PHP code that I am using but if “Password” and “Confirm Password” fields are empty row “password” in DB will be changed to “0” EMPTY and user would be able to login with an EMPTY password on login form.
code here:
if (isset($_POST['submit'])) { extract($_POST); if ($username == '') { $error[] = 'Please enter the username.'; } if (strlen($password) > 0) { if ($password == '') { $error[] = 'Please enter the password.'; } if (strlen($password) < 6) { $error[] = 'Please use a password that is at least 6 characters long'; } if ($passwordConfirm == '') { $error[] = 'Please confirm the password.'; } if ($password != $passwordConfirm) { $error[] = 'Passwords do not match.'; } } if ($email == '') { $error[] = 'Please enter the email address.'; } if ($role == '') { $error[] = 'Please confirm the roles.'; } if (!isset($error)) { try { if (isset($password)) { $hashedpassword = $user->password_hash($password, PASSWORD_BCRYPT); //update into database if ($role == 'admin' || $role == 'manager') $private = 'yes'; if ($role == 'user') $private = 'No'; $stmt = $db->prepare('UPDATE web_users SET username = :username, password = :password, email = :email, role = :role, private = :private WHERE memberID = :memberID'); $stmt->execute(array( ':username' => $username, ':password' => $hashedpassword, ':email' => $email, ':role' => $role, ':private' => $private, ':memberID' => $memberID )); } else { //update database if ($role == 'admin' || $role == 'manager') $private = 'yes'; if ($role == 'user') $private = 'No'; $stmt = $db->prepare('UPDATE web_users SET username = :username, email = :email, role = :role, private = :private WHERE memberID = :memberID'); $stmt->execute(array( ':username' => $username, ':email' => $email, ':role' => $role, ':private' => $private, ':memberID' => $memberID )); } //redirect to index page header('Location: users.php?action=updated'); exit; } catch(PDOException $e) { echo $e->getMessage(); } } } ?>
Advertisement
Answer
Instead of doing
if(isset($password)){ /// logic }
do this:
if(!empty($password)){ /// logic }