SitePoint Sponsor

User Tag List

Results 1 to 6 of 6

Hybrid View

  1. #1
    SitePoint Enthusiast
    Join Date
    Sep 2012
    Location
    BD
    Posts
    49
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Unable to generate random password for a database

    Hello everybody,
    I am facing problem for create random unique password for every row. My idea is : I have a button and when i will click on that button then all password will be reseted and create unique password for every row. By my recent script all password is reset but all password is same but i want different password for every row. Please help me. I am providing you my code here :

    HTML Code:
    <form action='ques-mng.php?do=submit&for=reset-all' method='post'>
    <input type='submit' name='submit' value='Reset all password' class='btn btn-danger'>
    </form>
    PHP Code:

    if($do=='submit' and $for=='reset-all'){
    $reset=rand();
    mysql_query("UPDATE ques_ans_data SET rec_restriction='$reset
    WHERE qa_id!=''"
    );
    echo 
    "<meta http-equiv='refresh' content='0;url=ques-mng.php'>";
    exit();

    I want when that reset button will be pressed then all password will be reseted and all password will be different than another . Please help me if you know about this.

    Thanks in advance
    Last edited by anturj; Aug 17, 2013 at 23:22. Reason: spelling mistake

  2. #2
    SitePoint Evangelist
    Join Date
    Aug 2006
    Location
    Nantwich, Cheshire
    Posts
    455
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    You're generating a random password, then you're running one query to set every password to that random password, so they will all be the same. What you need is a query to select every record, get each row, generate the random password individually for each row, then assign it to the password. So roughly pseudo-code:

    $result = mysql_query("select * from ques_ans_data")
    while ($row = mysql_fetch_array($result, MYSQL_ASSOC)
    {
    $pw = rand()
    $res = mysql_query("update ques_ans_data set rec_restriction=$pw where id = <your-record-id>")
    }

    So you grab each record in turn, generate the password, then post it back into the record, then loop to the next record.
    http://www.firenza.net - my homage to a car from the 1970s

  3. #3
    SitePoint Wizard silver trophybronze trophy asp_funda's Avatar
    Join Date
    Jun 2003
    Location
    ether
    Posts
    4,497
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by anturj View Post
    PHP Code:
    if($do=='submit' and $for=='reset-all'){
    $reset=rand();
    mysql_query("UPDATE ques_ans_data SET rec_restriction='$reset
    WHERE qa_id!=''"
    );
    echo 
    "<meta http-equiv='refresh' content='0;url=ques-mng.php'>";
    exit();

    I want when that reset button will be pressed then all password will be reseted and all password will be different than another .
    Since you're giving only one value and updating all records with it, ofcourse all records are going to have same value. So either you do this in a loop or if you just want some random strings in your rows then this is much more efficient (instead of updating all rows one by one):

    PHP Code:
    if( $do == 'submit' && $for == 'reset-all' ) {
        
    mysql_query"UPDATE ques_ans_data SET rec_restriction = LEFT( MD5( RAND() ), 12 ) WHERE qa_id != ''" );
        echo 
    "<meta http-equiv='refresh' content='0;url=ques-mng.php'>";
        exit();

    Our lives teach us who we are.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Me - Photo Blog - Personal Blog - Dev Blog
    iG:Syntax Hiliter -- Colourize your code in WordPress!!

  4. #4
    SitePoint Evangelist
    Join Date
    Aug 2006
    Location
    Nantwich, Cheshire
    Posts
    455
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Ah, I saw the mysql rand() function but hadn't thought of the MD5 part as I'm beginning with this.

    Although out of the scope of the OPs question, isn't there a flaw in using the single query to set all the passwords to a random string, in that no-one would know what their password is? Using a loop would allow users to be emailed with their 'random' password so they can login and change it. I'm working on a site (my first PHP site) that will need user login control and reading up on how others do it.
    http://www.firenza.net - my homage to a car from the 1970s

  5. #5
    SitePoint Wizard silver trophybronze trophy asp_funda's Avatar
    Join Date
    Jun 2003
    Location
    ether
    Posts
    4,497
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by droopsnoot View Post
    isn't there a flaw in using the single query to set all the passwords to a random string, in that no-one would know what their password is? Using a loop would allow users to be emailed with their 'random' password so they can login and change it.
    You should never ever email passwords. One of the situations where you might need to batch reset passwords of user accounts is when you think your database(s) might have been compromised. In that situation, you reset passwords of all accounts and then email the users a unique link (usable only once) which they can use to reset the password themselves. That way passwords are not transmitted (by you) outside your app.
    Our lives teach us who we are.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Me - Photo Blog - Personal Blog - Dev Blog
    iG:Syntax Hiliter -- Colourize your code in WordPress!!

  6. #6
    SitePoint Evangelist
    Join Date
    Aug 2006
    Location
    Nantwich, Cheshire
    Posts
    455
    Mentioned
    2 Post(s)
    Tagged
    0 Thread(s)
    Yes, fair point. I hope I was thinking of self-generated user names rather than passwords when talking of email. But I recall now the massive password reset links I've had before.
    http://www.firenza.net - my homage to a car from the 1970s


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •