How to get the PW in the right place

Pedroski55 · May 20, 2020, 2:31am

I take the column number, then password_hash($number). I want the PW in the same row, but it goes to the bottom.
I can export it as csv, put them in the right place, but that is not ideal.
I tried WHERE id = $id

Maybe I should use UPDATE ??

How to make the PW go in the current row in the column ‘password’?

<?php

$user = 'myusername';
$pass = 'mypassword';
try {
    $dbh = new PDO('mysql:host=localhost;dbname=allstudentsdb', $user, $pass);
    foreach($dbh->query('SELECT * from makePW1') as $row) {
    	  $id = $row['id'];
    	  print_r('ID is ' . $id . '<br>');
    	  $number = $row['number'];
              print_r('number is ' .  $number . '<br>');
              $password = password_hash($number, PASSWORD_DEFAULT);
              print_r('password is ' . $password . '<br>');
        $stmt = $dbh->prepare('INSERT INTO makePW1 (number, password) VALUES (:number, :password)' );
		  $stmt->execute(['number' => $number, 'password' => $password]);
    }
    $dbh = null;
} catch (PDOException $e) {
    print "Error!: " . $e->getMessage() . "<br/>";
    die();
}
?>

Ideally, each student would register himself or herself. I have a register, login system working great on my laptop, but when I upload it to my cheap’n’nasty GoDaddy shared hosting, it takes a really long time to load and often just will not finish! Don’t know why!

Strider64 · May 20, 2020, 3:38am

Don’t you have another thread on another forum?

I know on the other forum a long time ago a person with more knowledge in PHP told me to to deep six that security script and leave it to the experts to do handle that. I don’t know why you are insisting in picking passwords for students? Especially if they are young as I know from life that younger people have a better memory than me. I’m no security expert, but using a number for a password no matter if it’s encrypted is a bad idea as I’m sure a hacker could crack that pretty easily. If you are worried about students forgetting their passwords there’s a simple trick that someone once told me and that is to take a phrase and pick the first letter of each word. An example would be “I almost ran over that darn baby rabbit with my lawn mower” would be iarotdbrwmlm then just add some numbers and capitalize a letter. Maybe some like Iarotdbrwmlm1918. Just don’t use a phrase that everyone knows about you. It’s makes for a pretty good password. BTW - I did almost run over a baby rabbit today.

Pedroski55 · May 20, 2020, 4:23am

“Don’t you have another thread on another forum?”

Yes, but it is not so easy getting an answer that works! I always think, this stuff is so easy for your guys. 2 or 3 lines of code.

Maybe you didn’t read the bottom of my post:

“Ideally, each student would register himself or herself. I have a register, login system working great on my laptop, but when I upload it to my cheap’n’nasty GoDaddy shared hosting, it takes a really long time to load and often just will not finish! Don’t know why!”

When I got that to work on my laptop, I thought, “Great, now I can tell them all to register and login with their email and their own password.”

But I didn’t reckon with GoDaddy.

If you know how to put the PW where I would like it, you may tell me if you wish.

astonecipher · May 20, 2020, 2:24pm

What are you trying to export? That database?

Pedroski55 · May 20, 2020, 9:50pm

Nope!

A long time ago, on this forum somewhere, I mentioned I was using a password made with MD5() using old code from an old book by Kevin Yank.

I remember Strider mentioned then, that that was too old. I should be using password_hash() and password_verify(). I took that to heart.

Since then I’ve been trying to figure out how that works. I think I am almost there.

The problem: This code will take the $number and make a PW. The only problem is:

it does not INSERT INTO the current row. The password is written at the end of the table.
I also tried REPLACE INTO
and I tried WHERE id = $id

So that’s all I want: write $password in the current row in the column ‘password’.

The printing is only so I can see that something is happening. I can see the result in mysql.

$password = password_hash($number, PASSWORD_DEFAULT);
              print_r('password is ' . $password . '<br>');
        $stmt = $dbh->prepare('INSERT INTO makePW1 (number, password) VALUES (:number, :password)' );
		  $stmt->execute(['number' => $number, 'password' => $password]);
    }

As I mentioned, I was very happy when I got a register and login system working on my laptop, using an email and a password which the user (i.e. student) enters. But it won’t work on my webhost. So this is my workaround.

JimL · May 21, 2020, 7:07am

In the original question yes you need an update query to update an existing record.

As to the rest, I strongly suggest just ditching this entire workaround, post your entire registration code and we’ll figure out the original issue.

Pedroski55 · June 11, 2020, 8:34am

Thanks for your reply.
We shouldn’t reinvent the wheel.
This kind of thing is needed so often, people have already done it many times.

I got the necessary code from sourecodester.com This is a good address for people like me!

Still had to play with it, to get it to do what I wanted, but now it works just great!

Register, login. I ran an end-of-term exam for 2 colleagues yesterday, all good!

Getting a timer right, so that the exam only opens at say 3pm and shuts at 4pm on a ceertain day cost me a headache with if((date(‘n’) !=6 or date(‘d’) < 10 … {include jsclock.html; exit();}

But all’s well that ends well!